urlscan.io logo urlscan.io
SecurityTrails logo

ans-wer.com Open in urlscan Pro
2606:4700:20::681a:4c3  Public Scan

Go To Rescan Add Verdict Report
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Submission: On November 10 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 145 IPs in 15 countries across 135 domains to perform 1323 HTTP transactions. The main IP is 2606:4700:20::681a:4c3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ans-wer.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 12th 2021. Valid for: a year.
This is the only time ans-wer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2a03:2880:f21... 32934 (FACEBOOK)
4 8 2a03:2880:f21... 32934 (FACEBOOK)
14 2606:2800:234... 15133 (EDGECAST)
1 1 2.16.186.19 20940 (AKAMAI-ASN1)
1 2a02:26f0:ef:... 20940 (AKAMAI-ASN1)
3 2600:1901:0:3... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
72 2a00:1450:400... 15169 (GOOGLE)
21 185.220.204.204 41436 (CLOUDWEBM...)
14 104.19.132.78 13335 (CLOUDFLAR...)
1 151.139.242.29 33438 (HIGHWINDS2)
9 2a00:1450:400... 15169 (GOOGLE)
1 32 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 13.224.186.36 16509 (AMAZON-02)
2 151.101.129.194 54113 (FASTLY)
1 13.225.78.128 16509 (AMAZON-02)
1 13.225.78.105 16509 (AMAZON-02)
17 13.224.198.4 16509 (AMAZON-02)
8 51 2.18.234.21 16625 (AKAMAI-AS)
37 142.250.185.130 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
10 2.18.233.180 16625 (AKAMAI-AS)
3 3 23.34.190.24 16625 (AKAMAI-AS)
6 23.79.143.124 16625 (AKAMAI-AS)
3 4 185.94.180.126 35220 (SPOTX-AMS)
10 66 35.244.159.8 15169 (GOOGLE)
2 2a0c:5c81:513... 55081 (24SHELLS)
13 185.237.97.240 204548 (CLOUDWEBM...)
34 38 18.193.90.196 16509 (AMAZON-02)
2 2 162.55.6.212 24940 (HETZNER-AS)
4 6 185.33.221.50 29990 (ASN-APPNEX)
2 34.120.133.55 15169 (GOOGLE)
11 27 15.197.193.217 16509 (AMAZON-02)
1 13.225.78.23 16509 (AMAZON-02)
1 13.225.78.19 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 17 2a00:1450:400... 15169 (GOOGLE)
1 18.193.42.157 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 5 198.47.127.19 62713 (AS-PUBMATIC)
3 104.244.42.200 13414 (TWITTER)
3 2600:9000:223... 16509 (AMAZON-02)
2 3 37.157.4.39 198622 (ADFORM)
2 89.187.169.47 60068 (CDN77 ^_^)
1 46.249.52.249 50673 (SERVERIUS-AS)
1 13.225.78.93 16509 (AMAZON-02)
4 69.173.151.100 26667 (RUBICONPR...)
2 2.16.186.170 20940 (AKAMAI-ASN1)
89 2a00:1450:400... 15169 (GOOGLE)
27 35.186.236.140 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 13 18.196.169.148 16509 (AMAZON-02)
53 2a00:1450:400... 15169 (GOOGLE)
2 92.123.225.57 20940 (AKAMAI-ASN1)
5 12 188.132.147.235 42910 (PREMIERDC...)
1 1 3.124.136.236 16509 (AMAZON-02)
43 92 216.58.212.130 15169 (GOOGLE)
2 2 104.111.215.191 16625 (AKAMAI-AS)
4 4 34.98.67.61 15169 (GOOGLE)
3 5 35.186.253.211 15169 (GOOGLE)
1 1 79.137.69.91 16276 (OVH)
24 2a01:7e01:1::... 63949 (LINODE-AP...)
12 147.75.38.124 54825 (PACKET)
28 35.157.246.167 16509 (AMAZON-02)
12 34.149.20.76 15169 (GOOGLE)
12 23.34.186.99 16625 (AKAMAI-AS)
12 178.162.133.150 60781 (LEASEWEB-...)
13 185.64.189.112 62713 (AS-PUBMATIC)
12 34.107.148.139 15169 (GOOGLE)
16 104.16.68.69 13335 (CLOUDFLAR...)
17 216.52.2.30 29791 (VOXEL-DOT...)
25 54.228.52.99 16509 (AMAZON-02)
12 52.22.182.4 14618 (AMAZON-AES)
9 26 185.33.221.53 29990 (ASN-APPNEX)
12 34.254.8.42 16509 (AMAZON-02)
14 52.59.104.236 16509 (AMAZON-02)
1 1 62.209.227.210 5588 (GTSCE GTS...)
3 2606:2800:134... 15133 (EDGECAST)
3 4 18.194.17.206 16509 (AMAZON-02)
3 7 3.126.56.137 16509 (AMAZON-02)
5 8 151.101.2.49 54113 (FASTLY)
10 10 185.29.134.244 30419 (MEDIAMATH...)
1 1 37.252.173.214 29990 (ASN-APPNEX)
3 104.244.43.131 54113 (FASTLY)
13 2a00:1450:400... 15169 (GOOGLE)
2 2 178.250.0.163 44788 (ASN-CRITE...)
5 10 37.157.6.242 198622 (ADFORM)
2 2 72.251.244.140 29791 (VOXEL-DOT...)
5 2a00:1450:400... 15169 (GOOGLE)
18 3.127.133.197 16509 (AMAZON-02)
24 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
8 104.19.135.78 13335 (CLOUDFLAR...)
10 142.250.186.66 15169 (GOOGLE)
24 213.254.244.21 36062 (DOUBLE-VE...)
10 217.79.188.10 24961 (MYLOC-AS ...)
2 217.79.188.46 24961 (MYLOC-AS ...)
13 104.111.242.245 16625 (AKAMAI-AS)
1 151.101.194.132 54113 (FASTLY)
10 10 85.114.159.93 24961 (MYLOC-AS ...)
5 67.202.105.23 32748 (STEADFAST)
10 34.193.81.8 14618 (AMAZON-AES)
5 2.18.235.93 16625 (AKAMAI-AS)
1 104.16.199.73 13335 (CLOUDFLAR...)
2 2 35.212.212.222 15169 (GOOGLE)
2 2 109.206.161.21 50245 (SERVEREL-AS)
1 1 185.86.139.94 201081 (SMARTADSE...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 185.184.8.65 204995 (RTB-HOUSE...)
2 2 34.247.120.79 16509 (AMAZON-02)
1 104.19.217.61 13335 (CLOUDFLAR...)
1 18.184.122.71 16509 (AMAZON-02)
6 6 188.165.137.78 16276 (OVH)
2 2 193.0.160.128 54312 (ROCKETFUEL)
2 217.79.188.21 24961 (MYLOC-AS ...)
5 3.208.219.24 14618 (AMAZON-AES)
8 8 3.124.143.99 16509 (AMAZON-02)
2 2 54.194.211.3 16509 (AMAZON-02)
15 15 52.49.238.187 16509 (AMAZON-02)
3 28 185.64.190.80 62713 (AS-PUBMATIC)
3 199.187.193.193 47043 (SMARTADSE...)
1 1 51.75.146.160 16276 (OVH)
1 1 198.148.27.139 19189 (PULSEPOINT)
2 2 35.227.248.159 15169 (GOOGLE)
1 1 35.176.195.187 16509 (AMAZON-02)
5 7 169.50.137.182 36351 (SOFTLAYER)
2 4 52.28.175.201 16509 (AMAZON-02)
2 5 2a02:fa8:8806... 41041 (VCLK-EU-SE)
5 5 66.155.71.150 13768 (COGECO-PEER1)
2 52.28.254.122 16509 (AMAZON-02)
5 6 51.222.80.231 16276 (OVH)
4 4 34.254.143.3 16509 (AMAZON-02)
5 5 2001:678:cb4:... 56396 (AMOBEE)
6 2a05:d018:d29... 16509 (AMAZON-02)
4 6 52.19.22.209 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 54.204.89.2 14618 (AMAZON-AES)
2 2 3.120.43.188 16509 (AMAZON-02)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 2 213.155.156.183 1299 (TWELVE99 ...)
2 185.64.190.81 62713 (AS-PUBMATIC)
1 2 209.54.178.82 16509 (AMAZON-02)
2 72.251.245.179 29791 (VOXEL-DOT...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
3 38.91.45.7 398989 (DEEPINTENT)
7 3.229.193.232 14618 (AMAZON-AES)
2 2 52.214.156.237 16509 (AMAZON-02)
1 35.241.40.233 ()
1 192.132.33.46 18568 (BIDTELLECT)
1 52.45.128.104 14618 (AMAZON-AES)
1 2 54.208.142.27 14618 (AMAZON-AES)
1 75.101.235.47 14618 (AMAZON-AES)
2 2 35.210.178.101 19527 (GOOGLE-2)
23 2.16.186.146 20940 (AKAMAI-ASN1)
2 2 35.210.53.219 15169 (GOOGLE)
10 213.19.147.43 26120 (RHYTHMONE)
3 185.86.137.113 201081 (SMARTADSE...)
1 108.128.92.179 16509 (AMAZON-02)
1 54.174.213.70 14618 (AMAZON-AES)
12 2a00:1450:400... 15169 (GOOGLE)
1 51.89.7.199 16276 (OVH)
2 198.47.127.20 3257 (GTT-BACKB...)
1 34.96.105.8 15169 (GOOGLE)
1 2 52.95.115.255 16509 (AMAZON-02)
3 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 54.175.176.13 14618 (AMAZON-AES)
2 2 51.178.20.139 16276 (OVH)
3 3 213.19.147.45 26120 (RHYTHMONE)
1 1 195.5.165.20 44968 (IPROM-AS)
1 1 2a04:4e42::300 54113 (FASTLY)
1 151.101.129.44 54113 (FASTLY)
2 2 38.27.122.101 174 (COGENT-174)
1 1 52.44.220.233 14618 (AMAZON-AES)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
1 2 52.86.83.177 14618 (AMAZON-AES)
2 2 99.80.151.46 16509 (AMAZON-02)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 1 34.102.253.54 15169 (GOOGLE)
2 99.83.181.31 16509 (AMAZON-02)
2 2 3.127.51.194 16509 (AMAZON-02)
2 185.86.138.122 ()
2 142.250.185.66 ()
1 1 146.0.227.109 ()
1323 145
14    2606:4700:20::681a:4c3 (United States)

ASN13335 (CLOUDFLARENET, US)
ans-wer.com
2    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a03:2880:f21c:81c4:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
platform.instagram.com
8    2a03:2880:f21c:81e5:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.instagram.com
14    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2.16.186.19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-19.deploy.static.akamaitechnologies.com
www.tiktok.com
1    2a02:26f0:ef::5c7b:c29b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
sf16-scmcdn-sg.ibytedtos.com
3    2600:1901:0:333a:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
monu.delivery
3    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
72    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
21    185.220.204.204 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
live.primis.tech
14    104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
1    151.139.242.29 (United States)

ASN33438 (HIGHWINDS2, US)
images.dmca.com
9    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
32    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.224.186.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-36.fra2.r.cloudfront.net
ats.rlcdn.com
2    151.101.129.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
1    13.225.78.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-128.fra2.r.cloudfront.net
get.s-onetag.com
1    13.225.78.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-105.fra2.r.cloudfront.net
js.gumgum.com
17    13.224.198.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-4.fra2.r.cloudfront.net
c.amazon-adsystem.com
51    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
as-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
37    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
pubads.g.doubleclick.net
6    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
11    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    23.34.190.24 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-34-190-24.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
66    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
bloggernetwork-d.openx.net
us-u.openx.net
eu-u.openx.net
playbuzzltd-d.openx.net
2    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
s.adtelligent.com
13    185.237.97.240 (Frankfurt am Main, Germany)

ASN204548 (CLOUDWEBMANAGE-IL-FR, US)
video.primis.tech
38    18.193.90.196 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-90-196.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    162.55.6.212 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.212.6.55.162.clients.your-server.de
csync.loopme.me
6    185.33.221.50 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
2    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
27    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    13.225.78.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-23.fra2.r.cloudfront.net
onetag-geo.s-onetag.com
1    13.225.78.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-19.fra2.r.cloudfront.net
signal-beacon.s-onetag.com
1    2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
17    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    18.193.42.157 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-42-157.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
1    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:82f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
5    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
3    2600:9000:223f:c600:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
3    37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
2    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
cdn.admatic.com.tr
1    46.249.52.249 (Aalsmeer, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
1    13.225.78.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-93.fra2.r.cloudfront.net
geo.privacymanager.io
4    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
2    2.16.186.170 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-170.deploy.static.akamaitechnologies.com
sf-hs-sg.ibytedtos.com
89    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
27    35.186.236.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.236.186.35.bc.googleusercontent.com
imps.monu.delivery
16    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
13    18.196.169.148 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-169-148.eu-central-1.compute.amazonaws.com
ih.adscale.de
53    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    92.123.225.57 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-225-57.deploy.static.akamaitechnologies.com
s16.tiktokcdn.com
12    188.132.147.235 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
PTR: static-235-147-132-188.sadecehosting.net
ads3.admatic.com.tr
ads4.admatic.com.tr
1    3.124.136.236 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-136-236.eu-central-1.compute.amazonaws.com
d.agkn.com
92    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net
cm.g.doubleclick.net
2    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
4    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
5    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    79.137.69.91 (France)

ASN16276 (OVH, FR)
PTR: gcm11.host.hit.gemius.pl
googlecm.hit.gemius.pl
24    2a01:7e01:1::ac69:92e7 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)
ipwatch.monu.delivery
12    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
28    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
12    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
12    23.34.186.99 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-34-186-99.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
12    178.162.133.150 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
13    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
12    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
16    104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
17    216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
25    54.228.52.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
12    52.22.182.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-182-4.compute-1.amazonaws.com
display.bfmio.com
26    185.33.221.53 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
12    34.254.8.42 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-8-42.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
14    52.59.104.236 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-104-236.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    62.209.227.210 (Prague, Czech Republic)

ASN5588 (GTSCE GTS Central Europe Antel Germany, CZ)
PTR: bbnautid1.ibillboard.com
bbnaut.ibillboard.com
3    2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
pbs.twimg.com
4    18.194.17.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-17-206.eu-central-1.compute.amazonaws.com
pixel.advertising.com
7    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
8    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
10    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    37.252.173.214 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 865.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
adscale-emea.adnxs.com
3    104.244.43.131 (United States)

ASN54113 (FASTLY, US)
abs-0.twimg.com
13    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
2    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
10    37.157.6.242 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    72.251.244.140 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
tracking.m6r.eu
5    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
18    3.127.133.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-133-197.eu-central-1.compute.amazonaws.com
protected-by.clarium.io
24    2a02:26f0:6c00:2b2::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
cdn3.doubleverify.com
8    104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
10    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads4.g.doubleclick.net
24    213.254.244.21 (United States)

ASN36062 (DOUBLE-VERIFY, US)
rtb0.doubleverify.com
tps20517.doubleverify.com
tps20511.doubleverify.com
tps20524.doubleverify.com
tps20523.doubleverify.com
tps20525.doubleverify.com
tps20515.doubleverify.com
10    217.79.188.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com
imagesrv.adition.com
2    217.79.188.46 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad4.adfarm1.adition.com
ad4.adfarm1.adition.com
13    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
1    151.101.194.132 (United States)

ASN54113 (FASTLY, US)
player.ex.co
10    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
5    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
10    34.193.81.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-81-8.compute-1.amazonaws.com
sync.bfmio.com
5    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
1    104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
2    35.212.212.222 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com
rtb-usw.mfadsrvr.com
2    109.206.161.21 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net
sync.e-volution.ai
1    185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
1    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
2    34.247.120.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-120-79.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    104.19.217.61 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
1    18.184.122.71 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-122-71.eu-central-1.compute.amazonaws.com
match.sharethrough.com
6    188.165.137.78 (France)

ASN16276 (OVH, FR)
PTR: ip78.ip-188-165-137.eu
green.erne.co
2    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    217.79.188.21 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad2.adfarm1.adition.com
ad2.adfarm1.adition.com
5    3.208.219.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-219-24.compute-1.amazonaws.com
prd-collector-anon.ex.co
8    3.124.143.99 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-143-99.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    54.194.211.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-211-3.eu-west-1.compute.amazonaws.com
ads.avct.cloud
15    52.49.238.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-238-187.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
28    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
3    199.187.193.193 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
1    51.75.146.160 (France)

ASN16276 (OVH, FR)
PTR: de03.roqad.pl
ws.rqtrk.eu
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    35.176.195.187 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-195-187.eu-west-2.compute.amazonaws.com
aa.agkn.com
7    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
4    52.28.175.201 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-175-201.eu-central-1.compute.amazonaws.com
j.mrpdata.net
5    2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)
openx2-match.dotomi.com
casale-match.dotomi.com
pubmatic-match.dotomi.com
5    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    52.28.254.122 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-254-122.eu-central-1.compute.amazonaws.com
match.justpremium.com
6    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-4.cloudy.ovh
pixel.onaudience.com
4    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loada.exelator.com
5    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
6    2a05:d018:d29:3601:f879:a4cf:9cbb:9098 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
6    52.19.22.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
bcp.crwdcntrl.net
1    2a02:26f0:6c00::210:bb21 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
2    2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
3    54.204.89.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-89-2.compute-1.amazonaws.com
atrack.avplayer.com
2    3.120.43.188 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-43-188.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
1    2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
2    213.155.156.183 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com
d5p.de17a.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    209.54.178.82 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    72.251.245.179 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
3    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
3    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
7    3.229.193.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-193-232.compute-1.amazonaws.com
track1.aniview.com
2    52.214.156.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-156-237.eu-west-1.compute.amazonaws.com
d.adroll.com
1    35.241.40.233 (None, )

ASN- ()
dmp.brand-display.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    52.45.128.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-128-104.compute-1.amazonaws.com
rtb.adentifi.com
2    54.208.142.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-142-27.compute-1.amazonaws.com
um2.eqads.com
1    75.101.235.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-235-47.compute-1.amazonaws.com
premiumsrv.aniview.com
2    35.210.178.101 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 101.178.210.35.bc.googleusercontent.com
a.volvelle.tech
23    2.16.186.146 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-146.deploy.static.akamaitechnologies.com
mcd.ex.co
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
10    213.19.147.43 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.targeting.unrulymedia.com
tag.1rx.io
3    185.86.137.113 (France)

ASN201081 (SMARTADSERVER, FR)
www9.smartadserver.com
1    108.128.92.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-92-179.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    54.174.213.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-213-70.compute-1.amazonaws.com
sync.aniview.com
12    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    51.89.7.199 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p21.id5-sync.com
id5-sync.com
2    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage4.pubmatic.com
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    52.95.115.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    54.175.176.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-176-13.compute-1.amazonaws.com
sync.ipredictive.com
2    51.178.20.139 (France)

ASN16276 (OVH, FR)
PTR: ns31193669.ip-51-178-20.eu
gu.dyntrk.com
3    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
2    38.27.122.101 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    52.44.220.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-220-233.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    52.86.83.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-83-177.compute-1.amazonaws.com
a.audrte.com
2    99.80.151.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-151-46.eu-west-1.compute.amazonaws.com
r.scoota.co
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
2    99.83.181.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
2    3.127.51.194 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-51-194.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
2    185.86.138.122 (None, )

ASN- ()
prg.smartadserver.com
2    142.250.185.66 (None, )

ASN- ()
ade.googlesyndication.com
1    146.0.227.109 (None, )

ASN- ()
inv-nets.admixer.net
Apex Domain
Subdomains		 Transfer
176 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
ade.googlesyndication.com
1 MB
171 doubleclick.net
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
static.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
pubads.g.doubleclick.net
604 KB
71 openx.net
u.openx.net
rtb.openx.net
bloggernetwork-d.openx.net
us-u.openx.net
eu-u.openx.net
playbuzzltd-d.openx.net
17 KB
61 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
hbopenbid.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
aud.pubmatic.com
81 KB
54 monu.delivery
monu.delivery
imps.monu.delivery
ipwatch.monu.delivery
169 KB
53 2mdn.net
s0.2mdn.net
740 KB
52 casalemedia.com
ssum-sec.casalemedia.com
as-sec.casalemedia.com
htlb.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
55 KB
48 doubleverify.com
cdn.doubleverify.com
cdn3.doubleverify.com
rtb0.doubleverify.com
tps20517.doubleverify.com
tps20511.doubleverify.com
tps20524.doubleverify.com
tps20523.doubleverify.com
tps20525.doubleverify.com
tps20515.doubleverify.com
174 KB
42 yahoo.com
c2shb.ssp.yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
10 KB
38 bidswitch.net
x.bidswitch.net
17 KB
34 primis.tech
live.primis.tech
video.primis.tech
2 MB
33 adnxs.com
secure.adnxs.com
ib.adnxs.com
adscale-emea.adnxs.com
35 KB
29 ex.co
player.ex.co
prd-collector-anon.ex.co
mcd.ex.co
2 MB
28 google.com
adservice.google.com
www.google.com
16 KB
27 adsrvr.org
match.adsrvr.org
10 KB
26 gumgum.com
js.gumgum.com
g2.gumgum.com
rtb.gumgum.com
58 KB
24 adition.com
imagesrv.adition.com
ad4.adfarm1.adition.com
dsp.adfarm1.adition.com
ad2.adfarm1.adition.com
68 KB
22 bfmio.com
display.bfmio.com
sync.bfmio.com
12 KB
22 mgid.com
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
cm.mgid.com
255 KB
21 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
87 KB
18 clarium.io
protected-by.clarium.io
6 KB
17 lijit.com
ap.lijit.com
9 KB
17 media.net
prebid.media.net
contextual.media.net
48 KB
17 33across.com
ssc.33across.com
ssc-cms.33across.com
2 KB
17 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
2 MB
17 twitter.com
platform.twitter.com
syndication.twitter.com
441 KB
16 districtm.io
dmx.districtm.io
cdn.districtm.io
663 B
16 googletagservices.com
www.googletagservices.com
592 KB
16 adscale.de
js.adscale.de
ih.adscale.de
17 KB
15 bidr.io
match.prod.bidr.io
7 KB
15 sharethrough.com
btlr.sharethrough.com
match.sharethrough.com
2 KB
14 admatic.com.tr
cdn.admatic.com.tr
ads3.admatic.com.tr
ads4.admatic.com.tr
22 KB
14 ans-wer.com
ans-wer.com
142 KB
13 teads.tv
sync.teads.tv
2 KB
13 adform.net
cm.adform.net
track.adform.net
c1.adform.net
5 KB
13 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
33 KB
12 yieldmo.com
ads.yieldmo.com
3 KB
12 sonobi.com
apex.go.sonobi.com
8 KB
12 a-mo.net
prebid.a-mo.net
418 B
11 aniview.com
player.aniview.com
track1.aniview.com
premiumsrv.aniview.com
sync.aniview.com
205 KB
11 indexww.com
js-sec.indexww.com
22 KB
10 mathtag.com
sync.mathtag.com
5 KB
9 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
www9.smartadserver.com
prg.smartadserver.com
3 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
144 KB
9 youtube.com
www.youtube.com
696 KB
9 instagram.com
platform.instagram.com
www.instagram.com
11 KB
8 w55c.net
pm.w55c.net
6 KB
8 everesttech.net
sync-tm.everesttech.net
2 KB
7 unrulymedia.com
tag.targeting.unrulymedia.com
sync.targeting.unrulymedia.com
3 KB
7 simpli.fi
um.simpli.fi
3 KB
6 1rx.io
tag.1rx.io
sync.1rx.io
2 KB
6 crwdcntrl.net
sync.crwdcntrl.net
bcp.crwdcntrl.net
2 KB
6 onaudience.com
pixel.onaudience.com
3 KB
6 erne.co
green.erne.co
1 KB
6 twimg.com
cdn.syndication.twimg.com
abs-0.twimg.com
pbs.twimg.com
19 KB
5 turn.com
ad.turn.com
2 KB
5 sitescout.com
pixel-sync.sitescout.com
1 KB
5 dotomi.com
openx2-match.dotomi.com
casale-match.dotomi.com
pubmatic-match.dotomi.com
682 B
5 ampproject.org
cdn.ampproject.org
103 KB
5 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
1 KB
5 google.de
adservice.google.de
1 KB
5 s-onetag.com
get.s-onetag.com
onetag-geo.s-onetag.com
signal-beacon.s-onetag.com
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
17 KB
4 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
2 KB
4 avplayer.com
player.avplayer.com
atrack.avplayer.com
71 KB
4 exelator.com
loada.exelator.com
4 KB
4 mrpdata.net
j.mrpdata.net
1 KB
4 mookie1.com
odr.mookie1.com
2 KB
4 spotxchange.com
sync.search.spotxchange.com
3 KB
4 google-analytics.com
www.google-analytics.com
20 KB
3 deepintent.com
match.deepintent.com
99 B
3 ad4m.at
ad4m.at
170 B
3 rlcdn.com
ats.rlcdn.com
api.rlcdn.com
58 KB
3 googletagmanager.com
www.googletagmanager.com
132 KB
3 ibytedtos.com
sf16-scmcdn-sg.ibytedtos.com
sf-hs-sg.ibytedtos.com
18 KB
2 creative-serving.com
ads.creative-serving.com
1 KB
2 scoota.co
r.scoota.co
1 KB
2 audrte.com
a.audrte.com
1 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 bnmla.com
match.bnmla.com
1 KB
2 taboola.com
trc.taboola.com
match.taboola.com
652 B
2 dyntrk.com
gu.dyntrk.com
916 B
2 ipredictive.com
sync.ipredictive.com
959 B
2 admedo.com
pool.admedo.com
715 B
2 volvelle.tech
a.volvelle.tech
1 KB
2 eqads.com
um2.eqads.com
563 B
2 adroll.com
d.adroll.com
223 B
2 adgrx.com
cm.adgrx.com
816 B
2 de17a.com
d5p.de17a.com
637 B
2 sportradarserving.com
a.sportradarserving.com
1 KB
2 justpremium.com
match.justpremium.com
646 B
2 tapad.com
pixel.tapad.com
976 B
2 avct.cloud
ads.avct.cloud
888 B
2 rfihub.com
p.rfihub.com
2 KB
2 360yield.com
ad.360yield.com
614 B
2 zeotap.com
mwzeom.zeotap.com
646 B
2 e-volution.ai
sync.e-volution.ai
918 B
2 mfadsrvr.com
rtb-usw.mfadsrvr.com
760 B
2 m6r.eu
tracking.m6r.eu
1 KB
2 criteo.com
dis.criteo.com
909 B
2 addthis.com
e.dlx.addthis.com
1 KB
2 agkn.com
d.agkn.com
aa.agkn.com
1 KB
2 tiktokcdn.com
s16.tiktokcdn.com
6 KB
2 loopme.me
csync.loopme.me
450 B
2 fastly.net
confiant-integrations.global.ssl.fastly.net
124 KB
2 cloudflare.com
cdnjs.cloudflare.com
88 KB
1 admixer.net
inv-nets.admixer.net
582 B
1 playground.xyz
ads.playground.xyz
465 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 stackadapt.com
sync.srv.stackadapt.com
652 B
1 iprom.net
core.iprom.net
515 B
1 blismedia.com
tr.blismedia.com
142 B
1 id5-sync.com
id5-sync.com
529 B
1 adentifi.com
rtb.adentifi.com
88 B
1 bttrack.com
bttrack.com
380 B
1 brand-display.com
dmp.brand-display.com
1 contextweb.com
bh.contextweb.com
497 B
1 rqtrk.eu
ws.rqtrk.eu
513 B
1 lentainform.com
cm.lentainform.com
495 B
1 creativecdn.com
creativecdn.com
250 B
1 idealmedia.io
cm.idealmedia.io
412 B
1 adtelligent.com
s.adtelligent.com
sync.adtelligent.com Failed
879 B
1 demdex.net
dpm.demdex.net Failed
1 ibillboard.com
bbnaut.ibillboard.com
550 B
1 gemius.pl
googlecm.hit.gemius.pl
338 B
1 privacymanager.io
geo.privacymanager.io
590 B
1 e-planning.net
ads.us.e-planning.net
92 B
1 ytimg.com
i.ytimg.com
55 KB
1 ggpht.com
yt3.ggpht.com
4 KB
1 adtarget.com.tr
s.console.adtarget.com.tr
sync.console.adtarget.com.tr Failed
1 KB
1 googleadservices.com
partner.googleadservices.com
437 B
1 dmca.com
images.dmca.com
5 KB
1 tiktok.com
www.tiktok.com
923 B
0 adotmob.com Failed
sync.adotmob.com Failed
0 quantserve.com Failed
pixel.quantserve.com Failed
1323 135
Domain Requested by
92 cm.g.doubleclick.net 43 redirects ans-wer.com
googleads.g.doubleclick.net
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
monu.delivery
eu-u.openx.net
89 tpc.googlesyndication.com googleads.g.doubleclick.net
ans-wer.com
tpc.googlesyndication.com
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
cdn.ampproject.org
72 pagead2.googlesyndication.com ans-wer.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
srcdoc
53 s0.2mdn.net tpc.googlesyndication.com
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
ans-wer.com
s0.2mdn.net
imasdk.googleapis.com
38 x.bidswitch.net 34 redirects ans-wer.com
eu-u.openx.net
ssum.casalemedia.com
32 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
www.youtube.com
ans-wer.com
googleads.g.doubleclick.net
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
30 us-u.openx.net 7 redirects googleads.g.doubleclick.net
eu-u.openx.net
u.openx.net
28 c2shb.ssp.yahoo.com monu.delivery
27 dsum-sec.casalemedia.com 5 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
um2.eqads.com
ssum.casalemedia.com
27 imps.monu.delivery ans-wer.com
27 match.adsrvr.org 11 redirects js-sec.indexww.com
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
monu.delivery
eu-u.openx.net
ssum-sec.casalemedia.com
27 securepubads.g.doubleclick.net monu.delivery
securepubads.g.doubleclick.net
ans-wer.com
www.googletagservices.com
26 ib.adnxs.com 9 redirects monu.delivery
googleads.g.doubleclick.net
player.aniview.com
24 ipwatch.monu.delivery monu.delivery
23 mcd.ex.co player.avplayer.com
22 g2.gumgum.com monu.delivery
js.gumgum.com
21 live.primis.tech ans-wer.com
live.primis.tech
19 eu-u.openx.net 1 redirects monu.delivery
eu-u.openx.net
u.openx.net
18 simage2.pubmatic.com ads.pubmatic.com
18 cdn.doubleverify.com 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
ans-wer.com
18 protected-by.clarium.io ans-wer.com
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
17 ap.lijit.com monu.delivery
17 www.google.com 1 redirects www.youtube.com
googleads.g.doubleclick.net
ans-wer.com
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
17 c.amazon-adsystem.com monu.delivery
live.primis.tech
c.amazon-adsystem.com
16 www.googletagservices.com googleads.g.doubleclick.net
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
ans-wer.com
15 match.prod.bidr.io 15 redirects
14 btlr.sharethrough.com monu.delivery
14 platform.twitter.com ans-wer.com
platform.twitter.com
14 ans-wer.com ans-wer.com
13 sync.teads.tv googleads.g.doubleclick.net
u.openx.net
13 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com securepubads.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
13 hbopenbid.pubmatic.com monu.delivery
player.aniview.com
13 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
13 video.primis.tech live.primis.tech
ans-wer.com
12 imasdk.googleapis.com player.aniview.com
12 bloggernetwork-d.openx.net monu.delivery
12 ads.yieldmo.com monu.delivery
12 display.bfmio.com monu.delivery
12 prebid.media.net monu.delivery
12 apex.go.sonobi.com monu.delivery
12 htlb.casalemedia.com monu.delivery
12 ssc.33across.com monu.delivery
12 prebid.a-mo.net monu.delivery
11 dmx.districtm.io monu.delivery
11 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
11 js-sec.indexww.com monu.delivery
ssum-sec.casalemedia.com
10 image2.pubmatic.com 3 redirects ads.pubmatic.com
10 sync.bfmio.com monu.delivery
sync.bfmio.com
10 dsp.adfarm1.adition.com 10 redirects
10 imagesrv.adition.com 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
ans-wer.com
imagesrv.adition.com
10 googleads4.g.doubleclick.net googleads.g.doubleclick.net
ans-wer.com
10 c1.adform.net 5 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
10 sync.mathtag.com 10 redirects
10 ads.pubmatic.com live.primis.tech
s.console.adtarget.com.tr
monu.delivery
ads.pubmatic.com
player.aniview.com
9 pubads.g.doubleclick.net imasdk.googleapis.com
9 www.youtube.com ans-wer.com
www.youtube.com
8 pm.w55c.net 8 redirects
8 cm.mgid.com jsc.mgid.com
ans-wer.com
8 s-img.mgid.com ans-wer.com
8 sync-tm.everesttech.net 5 redirects ssum-sec.casalemedia.com
8 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
8 www.instagram.com 4 redirects ans-wer.com
platform.instagram.com
7 track1.aniview.com ans-wer.com
player.aniview.com
7 um.simpli.fi 5 redirects ads.pubmatic.com
ssum.casalemedia.com
7 ups.analytics.yahoo.com 3 redirects ans-wer.com
ssum-sec.casalemedia.com
7 ads3.admatic.com.tr cdn.admatic.com.tr
s.console.adtarget.com.tr
6 tag.targeting.unrulymedia.com player.aniview.com
6 pr-bh.ybp.yahoo.com eu-u.openx.net
ssum-sec.casalemedia.com
ads.pubmatic.com
6 pixel.onaudience.com 5 redirects ads.pubmatic.com
6 green.erne.co 6 redirects
6 rtb0.doubleverify.com ans-wer.com
6 cdn3.doubleverify.com ans-wer.com
6 secure.adnxs.com 4 redirects ssum-sec.casalemedia.com
6 eus.rubiconproject.com live.primis.tech
eus.rubiconproject.com
cm.mgid.com
player.aniview.com
6 fonts.gstatic.com www.youtube.com
fonts.googleapis.com
5 ad.turn.com 5 redirects
5 pixel-sync.sitescout.com 5 redirects
5 prd-collector-anon.ex.co player.ex.co
5 contextual.media.net monu.delivery
5 cdn.districtm.io monu.delivery
5 ssc-cms.33across.com monu.delivery
5 cdn.ampproject.org confiant-integrations.global.ssl.fastly.net
5 ads4.admatic.com.tr 5 redirects
5 rtb.openx.net 3 redirects eu-u.openx.net
5 image6.pubmatic.com 2 redirects ads.pubmatic.com
5 fonts.googleapis.com ans-wer.com
live.primis.tech
googleads.g.doubleclick.net
client
imagesrv.adition.com
5 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 tag.1rx.io player.aniview.com
4 bcp.crwdcntrl.net 2 redirects ssum-sec.casalemedia.com
4 loada.exelator.com 4 redirects
4 j.mrpdata.net 2 redirects eu-u.openx.net
4 pixel.advertising.com 3 redirects ans-wer.com
4 odr.mookie1.com 4 redirects
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www9.smartadserver.com player.aniview.com
3 match.deepintent.com ssum-sec.casalemedia.com
ads.pubmatic.com
3 ad4m.at ssum-sec.casalemedia.com
ads.pubmatic.com
3 atrack.avplayer.com ans-wer.com
3 rtb-csync.smartadserver.com eu-u.openx.net
3 tps20515.doubleverify.com cdn.doubleverify.com
3 tps20525.doubleverify.com cdn.doubleverify.com
3 tps20523.doubleverify.com cdn.doubleverify.com
3 rtb.gumgum.com monu.delivery
ans-wer.com
ads.pubmatic.com
3 tps20524.doubleverify.com cdn.doubleverify.com
3 tps20511.doubleverify.com cdn.doubleverify.com
3 tps20517.doubleverify.com cdn.doubleverify.com
3 abs-0.twimg.com ans-wer.com
3 www.gstatic.com googleads.g.doubleclick.net
www.youtube.com
www.gstatic.com
3 token.rubiconproject.com eus.rubiconproject.com
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 syndication.twitter.com platform.twitter.com
ans-wer.com
3 u.openx.net 2 redirects player.aniview.com
3 secure-assets.rubiconproject.com 3 redirects
3 www.googletagmanager.com ans-wer.com
www.googletagmanager.com
3 monu.delivery ans-wer.com
monu.delivery
2 ade.googlesyndication.com ans-wer.com
2 prg.smartadserver.com player.aniview.com
2 ads.creative-serving.com 2 redirects
2 r.scoota.co 2 redirects
2 a.audrte.com 1 redirects ads.pubmatic.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 match.bnmla.com 2 redirects
2 sync.1rx.io 2 redirects
2 gu.dyntrk.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 s.tribalfusion.com 1 redirects ads.pubmatic.com
2 a.tribalfusion.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects u.openx.net
2 simage4.pubmatic.com ads.pubmatic.com
2 playbuzzltd-d.openx.net player.aniview.com
2 pool.admedo.com 2 redirects
2 a.volvelle.tech 2 redirects
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 casale-match.dotomi.com 2 redirects
2 d.adroll.com 2 redirects
2 cm.adgrx.com ssum-sec.casalemedia.com
ads.pubmatic.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 player.aniview.com player.ex.co
player.aniview.com
2 sync.crwdcntrl.net 2 redirects
2 match.justpremium.com eu-u.openx.net
2 openx2-match.dotomi.com eu-u.openx.net
2 pixel.tapad.com 2 redirects
2 ads.avct.cloud 2 redirects
2 ad2.adfarm1.adition.com ans-wer.com
2 p.rfihub.com 2 redirects
2 ad.360yield.com 2 redirects
2 mwzeom.zeotap.com ans-wer.com
ads.pubmatic.com
2 sync.e-volution.ai 2 redirects
2 rtb-usw.mfadsrvr.com 2 redirects
2 ad4.adfarm1.adition.com 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
ans-wer.com
2 tracking.m6r.eu 2 redirects
2 dis.criteo.com 2 redirects
2 cdn.mgid.com ans-wer.com
2 track.adform.net 2 redirects
2 pbs.twimg.com ans-wer.com
2 ssum.casalemedia.com 1 redirects player.aniview.com
2 e.dlx.addthis.com 2 redirects
2 s16.tiktokcdn.com www.tiktok.com
2 sf-hs-sg.ibytedtos.com www.tiktok.com
2 cdn.admatic.com.tr s.console.adtarget.com.tr
cdn.admatic.com.tr
2 api.rlcdn.com js-sec.indexww.com
monu.delivery
2 csync.loopme.me 2 redirects
2 confiant-integrations.global.ssl.fastly.net monu.delivery
confiant-integrations.global.ssl.fastly.net
2 jsc.mgid.com ans-wer.com
jsc.mgid.com
2 cdnjs.cloudflare.com ans-wer.com
cdnjs.cloudflare.com
1 inv-nets.admixer.net 1 redirects
1 signal-metrics-collector-beta.s-onetag.com signal-beacon.s-onetag.com
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 core.iprom.net 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 tr.blismedia.com u.openx.net
1 id5-sync.com player.aniview.com
1 sync.aniview.com ssum.casalemedia.com
1 premiumsrv.aniview.com player.aniview.com
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 bttrack.com ssum-sec.casalemedia.com
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 ads.yahoo.com googleads.g.doubleclick.net
1 player.avplayer.com player.ex.co
1 aa.agkn.com 1 redirects
1 bh.contextweb.com 1 redirects
1 ws.rqtrk.eu 1 redirects
1 match.sharethrough.com ans-wer.com
1 cm.lentainform.com ans-wer.com
1 creativecdn.com 1 redirects
1 pixel.rubiconproject.com ans-wer.com
1 ssbsync.smartadserver.com 1 redirects
1 cm.idealmedia.io ans-wer.com
1 s.adtelligent.com cm.mgid.com
1 dpm.demdex.net ans-wer.com
ssum.casalemedia.com
1 player.ex.co ans-wer.com
1 servicer.mgid.com jsc.mgid.com
1 c.mgid.com jsc.mgid.com
1 adscale-emea.adnxs.com 1 redirects
1 cdn.syndication.twimg.com platform.twitter.com
1 bbnaut.ibillboard.com 1 redirects
1 googlecm.hit.gemius.pl 1 redirects
1 d.agkn.com 1 redirects
1 geo.privacymanager.io ats.rlcdn.com
1 ads.us.e-planning.net s.console.adtarget.com.tr
1 cm.adform.net s.console.adtarget.com.tr
1 as-sec.casalemedia.com js-sec.indexww.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 ads.adaptv.advertising.com live.primis.tech
1 static.doubleclick.net www.youtube.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 s.console.adtarget.com.tr live.primis.tech
1 partner.googleadservices.com pagead2.googlesyndication.com
1 js.gumgum.com monu.delivery
1 get.s-onetag.com monu.delivery
1 ats.rlcdn.com monu.delivery
1 images.dmca.com ans-wer.com
1 sf16-scmcdn-sg.ibytedtos.com ans-wer.com
1 www.tiktok.com 1 redirects
1 platform.instagram.com 1 redirects
0 sync.adotmob.com Failed ssum.casalemedia.com
0 sync.adtelligent.com Failed s.adtelligent.com
0 pixel.quantserve.com Failed eu-u.openx.net
ads.pubmatic.com
ssum-sec.casalemedia.com
0 sync.console.adtarget.com.tr Failed s.console.adtarget.com.tr
js.adscale.de
1323 234

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
widgets.mgid.com
www.mgid.com
www.dmca.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-08-12 -
2022-08-11		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.monu.delivery
Sectigo RSA Domain Validation Secure Server CA		 2020-08-18 -
2022-02-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
primis.tech
Go Daddy Secure Certificate Authority - G2		 2021-10-29 -
2022-06-18		 8 months crt.sh
images.dmca.com
Go Daddy Secure Certificate Authority - G2		 2020-03-13 -
2022-04-04		 2 years crt.sh
*.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA		 2021-08-19 -
2021-11-17		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.s-onetag.com
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
*.gumgum.com
Amazon		 2021-10-15 -
2022-11-12		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2021-09-30 -
2021-12-29		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
cdn.admatic.com.tr
R3		 2021-10-16 -
2022-01-14		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-10-09 -
2022-01-07		 3 months crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
*.ibytedtos.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2020-08-21 -
2022-08-22		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
imps.monu.delivery
GTS CA 1D4		 2021-10-20 -
2022-01-18		 3 months crt.sh
*.tiktokcdn.com
RapidSSL RSA CA 2018		 2020-06-11 -
2022-06-12		 2 years crt.sh
ads4.admatic.com.tr
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
*.a-mo.net
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
ssc.33across.com
GTS CA 1D4		 2021-09-28 -
2021-12-27		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.bfmio.com
Amazon		 2021-04-23 -
2022-05-22		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2020-04-03 -
2022-04-26		 2 years crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-01-10 -
2022-01-17		 a year crt.sh
*.adition.com
AlphaSSL CA - SHA256 - G2		 2021-04-15 -
2022-05-17		 a year crt.sh
*.adfarm1.adition.com
AlphaSSL CA - SHA256 - G2		 2021-05-21 -
2022-06-22		 a year crt.sh
teads.tv
R3		 2021-11-03 -
2022-02-01		 3 months crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2021-11-06 -
2022-11-06		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-10-04 -
2022-01-02		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
tracking.justpremium.com
Amazon		 2021-03-01 -
2022-03-30		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
outstreamedia.com
R3		 2021-10-12 -
2022-01-10		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
ui.aps.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-25 -
2021-12-15		 2 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
*.brand-display.com
GeoTrust RSA CA 2018		 2020-06-24 -
2022-06-24		 2 years crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.id5-sync.com
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2021-10-25 -
2022-01-23		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh

This page contains 193 frames:

Primary Page: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Frame ID: 248722FFD12E0B01A1C8B67AB93ED8E3
Requests: 465 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=107852&cbuster=1636554992&pubUrlAuto=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: C34FE6C38433DB2EA8FDC51696AEE20B
Requests: 21 HTTP requests in this frame

Frame: https://www.youtube.com/embed/T1NeHRuPpoM
Frame ID: FEFFC593D4B792DD96CF964BF995317D
Requests: 18 HTTP requests in this frame

Frame: https://www.instagram.com/accounts/login/
Frame ID: 58E19ACE9B243A57C23B67C07900A47E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20190131/zrt_lookup.html
Frame ID: 23A5033EDBF9EF55D29465F0C9415346
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fans-wer.com
Frame ID: 68E5C519F05756F5800A23796347D023
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&adk=1812271804&adf=3025194257&lmt=1636554992&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992432&bpp=4&bdt=634&idt=144&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5656659755628&frm=20&pv=2&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=197
Frame ID: 8D77E505E08075245BDFEE6A84C1B4CC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=2335273045&adk=2182005794&adf=3003258557&pi=t.ma~as.2335273045&w=1110&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992436&bpp=3&bdt=639&idt=293&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=390&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XeuuVj2bPb&p=https%3A//ans-wer.com&dtd=298
Frame ID: 0C3C6DB80A6B818CB04EFFCBEEAE55DD
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=9858539845&adk=2589358256&adf=2987917308&pi=t.ma~as.9858539845&w=730&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992439&bpp=1&bdt=641&idt=413&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=405&ady=1394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JbakzaTjtN&p=https%3A//ans-wer.com&dtd=416
Frame ID: BC33CDB3CD9A4523E3EA0D01DA42FEBF
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: 958272B2B9CD6E58EDEE5361E34501B0
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D618bd8f0b4cd9%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: 3A7579D6667EC4806EE10140AFB02BBB
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
Frame ID: DA7443D2177B50866694754D2721327E
Requests: 3 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=618bd8f0b4cd9&pixel=&advId=94&advUuid=99e42651-4233-11ec-9c19-197e22df0506
Frame ID: 6A2718A787E72948145CF8632C72F2C6
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=618bd8f0b4cd9&pixel=&advId=98&advUuid=a2b1c853-5b35-496e-9674-e942dd3424d4
Frame ID: BD12A082E632C6E64BDDD2B2CEF9C35F
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: 2265BB92AC0305B32952E6B53A3B86C0
Requests: 2 HTTP requests in this frame

Frame: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: BDC518A832339F18A379F1BF3F5D998D
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: EC7A9CE925FC3F7786EB25D3B7187C88
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 435629B4F68C646995C45DF6D7E94BD8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: 1F4487564E9AB8C39355A7774BA7E18D
Requests: 10 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: DDE3834EF14473A6E915CD28BE4E3E1B
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=EOA0VHTlN7sWT0ZE90fa&pi=admatic&tc=1
Frame ID: AFEB4AD81A02C5158D74F1221822A123
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: F4ABE23E546E6512CE1E0FA6E8B180EB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: EA4571FDF4D016D5DC937CB0A6C208B1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/index.html
Frame ID: 9A2345CAB72ECA7FEA20CE7E7DC46E80
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=COIbg8diLYfHsEIHI1fAPzZiE4Av0zfuGZvzwiaiPDam_woSKGxABINOArQtglYKAgJgHoAH02syZA8gBCakCrsmE3Wdgsz6oAwHIA0iqBPEBT9BL5Z1-M7oQn6nRztkyRh-sV-reW-CiF2IBc3Z8c2G4r-w4fHhblG8Prp93VsseqHNO4G0EJfOfa0SyCGB283JOgDatB-f_5kFV2VzR9LoP5mrVnithcfj2MeF6LXfIGldaFyGL5OTUtj3BHbWba7AlpWe8ob3GZjfbsZmnKn8pklJEMnoNhc01c9J6g4YX3G8liLc1OQWJYHr3nhWv7vHwz1ymX8tGHJP5DzIdrxKpsvVx78-HcMZNkbzuUa3Tl5ttGlUoeQRnZRNx8W3BVu3ecklS5IzICVA3Bt-zW0bANkRyulLgBNe1n3XN68MIIsAE_f6_iIkDkgUECAQYAZIFBAgFGASgBi6AB_Sks2aoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCr-jXSCAkIgOGAEBABGF-ACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMTg4MjcwNjUyNDMwODQwNhgA&sigh=SPX-u6ydmUE&uach_m=[UACH]&template_id=419
Frame ID: 9CA43436D2B1DC95D18A28D343FE27D7
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B004CD573C1118C702A426759E112910
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 981510C7DC119CCBE30DEB60DB348127
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1438187705792286721&lang=en&origin=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&sessionId=9f01c1a2f0acf13e35acad40424c6265e4ac292f&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
Frame ID: 994AA8DBFDF68119FAD8CC60A418AF12
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
Frame ID: E2428FC1412E12814A6CA139B17B92D4
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 0D754F44E41BF7A6540CA80498F41634
Requests: 11 HTTP requests in this frame

Frame: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 97B2461484750748298FDDA5576F12E4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: 4810C097B7BA6140A1BEC774DCDA6DF7
Requests: 16 HTTP requests in this frame

Frame: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0B7ED88A13841958E952FCD58A622F62
Requests: 15 HTTP requests in this frame

Frame: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 612D241C7C324A1A091DA16C861B9D54
Requests: 19 HTTP requests in this frame

Frame: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FA0675A2CBD3DC447DB6EC38D1022520
Requests: 19 HTTP requests in this frame

Frame: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0B4F2267DDC9E38A47990F192FAC9F29
Requests: 19 HTTP requests in this frame

Frame: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 53C61B70A7865681C2FA96D9881B451A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhij186fATAB&v=APEucNVoXmkK2uc25iikQUVWjTkq-v1GoQ21VI32B9rliqfh8YF07E6uCEbwPnFF1VFcrRhLXfKl25NmPeJeuZhknhqB1SttNyYPZxX5WIygBJslo6WxCnW6XGtIpteXvKGOY3CtqjnXaV1iDXp6txQfOq3ULd5AQkj_QT3dUSf45qdeKzrgiSM
Frame ID: ED28184DFD9E8B94B7497D18F073ED19
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNVD70Zowrz_Uj5QumQlTvp1JMYTfmDiIRsgUG0zPTdaueASyuKP7qi7emAdu7GufF8UfFslY3mp5fqdXZ4GReh9jPTD2FQT_tUCgKcogwEbhO-cU35Ppft7DJqpe7sVd2oOZi6PizUjZwW67YoBE3wo8S1pf6wHlHoOV6h3-uoAh1hNBIA
Frame ID: D824B960871EABB355EE35675AB8174D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNWZuZ_6TghtnE04y8krUMf8FNR0ltZjZBCFwNG5w1MkhffqNaLb9xmmQM9Msg7m5yXugbKrLq9SAJFCm-N6DTxwALm9cPdMv3YwXyKPyh88892YzuHutdKQYu6dYcMs06QjaqfQtXE8t-Ov0LeKbV-02LzoPF7KalJSZJ7__t0B2r6jPGY
Frame ID: DF6B588CC3E2A3051EA91903183D102A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNVXcL192KDzdpp0JNAnv3q4DOvM5gDrc2rMbWK81g5y8XfFdueRK01o0m-T8VNkWb76M65tsMbHJGkw7D0M9xc19fXUlefkXj2JZXJg-0-qANjnGr7_OuXxAuyBajrWVolVAUp-0pBcLm_bFXcqyIZq43eXZM_TJYSb-JMLww0C7CxRJLA
Frame ID: 3551DD430436CF4370F3376E15FE9F27
Requests: 5 HTTP requests in this frame

Frame: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 622EEAB933622773F6549C2DE692109E
Requests: 15 HTTP requests in this frame

Frame: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B81B7743EDA1011D2523914239990BA1
Requests: 18 HTTP requests in this frame

Frame: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 428B09B32E24A261AB0AFCFFAC5CDF98
Requests: 18 HTTP requests in this frame

Frame: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 93C6358358A706843BCB2D860236C9A6
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhij186fATAB&v=APEucNWDpGG3mrUUDKCU9fsk-5YnUa0QDieguqYvP7H9P1b2mzkd9sdX4utwzlybJhuZNRQsDbXQElZbWF4GfmYtqJq8UBtI4h-83JEhkNl-zVs2qdk1CR7ONX5fD_boSks4QyqLEkwaKKSv3hCoI_pLDdH_D2MhqxAzxuITyg1am96S1xrI3ic
Frame ID: F808E5E3494D5938B8F6E96EFF659BC4
Requests: 5 HTTP requests in this frame

Frame: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BB0F92A2A04782B624CE1857A8C4044B
Requests: 21 HTTP requests in this frame

Frame: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C26302427FB021B84C041A05CEEDB890
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzp9QIQhKu2-wEYs7f-rwEwAQ&v=APEucNXWqdxBl9wcW5UEuEaEnm6jaKt6m_iFP5siqLFg4EK-nHvOjrYUs-ze-kZpgB85qsj1lxSwwsDmiNT1v8Uolt-TRVz_1O9036jvHaX3vqW776v9cOMex0fGgyXpDV4ROdA_EpO27VNzVtBWwmqsD1SnMcdb_JXWlwoaW1Apx8YsorxQuLs
Frame ID: 42F64C4F83AC9163C75D9DDC21EBDBC7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNUtq33Xrry0igdh_FfHTbFJo1dtaY6LSmwogFwl7THiXBDREYl2OBSKMDX36vPj7xuPXdqVJiD_Ja4ObndXSdFIotRkTY2htMESo6YFBTr-W8mker25UzLaDBGZ83mdbZ0dB1WqncCM48IFzFK07DejUw20UT2MWGHBgsisFST2_7OexGE
Frame ID: DA8C72A5A392A4C2BA2E4016ED2CC093
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGNCO9bABMAE&v=APEucNX0HydyfhFhSmTKMBoSqryG5f_d_gtrwnfADV06zhAhnIirZIH_TUfp_nyogctwsGPboHxdF5vGaPy5Ro_haFOMC3E84XbNjpD3MCZBIlomRR1D3Gk3_Nssr_7N3LQ3Wmdl1g42bWe1Qq3Y01hlXHrXDzHyah9-XiOWOMQxyZWz7OvYpgo
Frame ID: 27FEEBD05DDA72497ED8B37690B7443C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGNCO9bABMAE&v=APEucNUwdLc4b-d-E6Rgie38JOnLK4QI5rXxk8iWkPy8LVEqSgJjYKMZs_54MXfG93-FwHf1mmyuRnuVcNT-EPs_cVTEzOm7fkOgaThsPVVXdg8VXFhk7C5OH0P1W-xPphGBhmkSSpyz7-5iq6p_NA-oPSKRDSugbCskuqixiPL6FAMYL-EwVvU
Frame ID: 620F68C46191683341CBBB8607C570C8
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 317E5E7B7EFFC1374BE3C86DAF723B53
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6EB29F501A6B2731BCBAAEDA156827D8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 53F6BA659A6A9698DBFA9C88A1936A69
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 970BA36602C364828DC9E6EA7487E1E8
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 03B22078AD9FD61647C09EDEFA75AB7C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 514D170B5CD49CA19690E7638297966B
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 0C47A63F4CCF38CD224768C21C97FFE4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: AFA11C55BB6A2F354863316CBD16F0DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDiuNr0Ahiov_u4ATAB&v=APEucNW7SOO67x2-dbLGC9gIay8qdNiaDF3wopjkL1bYwWXLfwlCkqvXCN2Xv1EDcyfae3pgXuF8Y_WZfJ-WTzTCcFOM-hpwfcqrkLSbhCryrkg7oqJo7tRAnEDKVz_jHYXJCzi3sU7Eh9xRocbjd8epTVVZIukc_nEU_FnZFJLEvcJX_cb1b60
Frame ID: 55CA4C0A4C0E55BB7CA2F31FF0A2AE55
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4BC18B4332E3EF2AB7F81461CF742C30
Requests: 3 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: F06200925F64ED7E26F653C37FF1FAFD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 571EE275101E632CE957C768D9EAF94F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiZkL-5ATAB&v=APEucNVc7leEj5lg9_6ELocMQhhrD1ZXKavTm04_R6PWKhlNeriKarFHim47N0O7O81DAzVv8agVGQBt_3M6EBoWnneincQ6MhvuTozElS6IiyHlusWkXZw1c4y5k73I-BDBPiXqHnpJrLMSDb3iafkwJUAMyusfazuXpVJF4qe0GiMlXKP7NzY
Frame ID: 301209C122576038C7FDC1858A9AD89A
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
Frame ID: FEF26872F83E984816CAA71BE8AA0205
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E5FB5E3C20DFD19E944BEAE445CA5B7C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0B6190DCF503AE980AB72B70058649B2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 057A2EF9C19DFBFEE60845BF647082E2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2CBA587D20CB776DA2551D7CC7ADA5F3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C0040B10D8F71F1E3C7DEDBF26AA6728
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9187346C52BCC785337196E26F82DC7F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 03AB09A25B3B46E2511BF64C65DEDDF0
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4820C0FF386590635B1819D26094956E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A93E53C75A4D25580759A0CEC4E62DF1
Requests: 3 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1636554998225998016319
Frame ID: 11C65793D0AFB09666AF680C0C4506B6
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 0042FB04A899A5DAE270C530D0B334DE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 3A7DDE3168B70B4A1CFD72FD818DF0A0
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 9D3D688253DE6CB52136D94FD3622E0F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 9C55D0F29EE54187902D8699F8553C89
Requests: 1 HTTP requests in this frame

Frame: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9CF24F558D9CAD7A796D16BAB48120C5
Requests: 14 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: EB04CD8A868DA2AE081B1DA1CA16832F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 0EB2C0A33CA5A17C319F591A0DA0C26D
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cp_RFGzV0r64onaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 27DD91530D403B1C378457CFC0BA046A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 0A8DD376089A5CB2DA44FFFADDB8B5FF
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7E44CDFA9C05FDD536EE40752EE23ED3
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
Frame ID: AA12E139D391AAD8497C60AEF50A2BF3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 83A1A9A178FF849C0997665C0082DD02
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cp_RFGzV0r64onaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 857511ED669A87CF94B88F8019AED6AE
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7700355DABE7008128BC323FD8E5C3F7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: B8394A9B7AB58FD73216B34A6459B894
Requests: 15 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1636554995632
Frame ID: 4369C265115BE94565F23E5A133D029F
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 8E5560369D826E727CC76282035B2F16
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: B16CF4E7FC83553AB2B7B8C7D4BFC523
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Frame ID: A22BBD67C139FD9A9A28A6DBECEC4256
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 328833B3D0C798777D28B99EDB9CD348
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: 6ACEF53CD66DC814330A1C197F1B6BB2
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 43861325E7565932141A88D8D19DD74D
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cp_RFGzV0r64onaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 2CDA4E61E02796A988D0978A30EFA509
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=1&gdpr_consent=
Frame ID: 0D33EFEF9365025EB59F462EC8132ABA
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 17283617C241FA51B31A3418C4F2CBA5
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13208641
Frame ID: CFADAD36CB16B5DDDAC4D3AADE337BAE
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13208641
Frame ID: 5C507F47A60C475B0C0B5D8AEC2D94E0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: 3C51D96B4D05F995DD22EE473EA7C86F
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1636554995486
Frame ID: AB5D813C17EA6CA69B3C0FA2FC64140C
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cp_RFGzV0r64onaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 7EB12196DD8C48393A343A4685A14D46
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Frame ID: F28B3ABC43188D925221E0B0C8271886
Requests: 11 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1636554995637
Frame ID: 80421A5436CEE85B0E5FBC76291A2556
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13208641
Frame ID: 14DEAB464669D722ED2E275DD3866463
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Frame ID: 2FCEE6991857F714E040C2B7E4E59D67
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: AE12432D9778E0DAC54FD87394C1E387
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: A00DA66B263DA7CC0E85ADEF2B095AAF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: 2882AF709CF0E8C464EA67786B382946
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: E0DE1A4216130E8578292C12196505E9
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13208641
Frame ID: 94902922FF5485277FA744254EFF171F
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13208641
Frame ID: A5BE75ADDBEDC196E7EAC3DDDE340E6D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: C520B5F5151A7C028E9D3A4B5A6FAB63
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E66502DAAE318BE08AB7F711E61BECB6
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cp_RFGzV0r64onaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 8A70C064B3DAD1263DFF826E47EF4BF4
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1636554995757
Frame ID: 45038F8CE0ABF4299064D008BC1A799D
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Frame ID: 280C307782263C260040DBE2C9989332
Requests: 11 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: A50BECA33FBB4D9A2B2BB07AEF98803C
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Frame ID: 25867FCEA747B907F632C2B743F3495D
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 48C7DDF82CF55461781D6D87BACE0549
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1636554995493
Frame ID: 3CF99C0311C317568DFB39C06F51DF7E
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 92DAE227AED822F3A9E4ED35DDD74C32
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: CB69DCDAA02F93A29CEE9C783ED1919D
Requests: 3 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: CCE35F9E8992E93692E1066F5391ABA3
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0E5te7dlu41Q09xbe9eFmmKxJ53EDjbXX5FzmozpFpFHMwFZy_qRLfIuqp2mXzFLlItQ3Vaa4bWW8_NZORDs2RY9IvsarpwO-enVanqb6Tdx8-T75TikVVmRIYYVdMtNpi82HRQIUr737Rk2zR4cPAXLKxGf2xFkbWwrHorITrSeuWqa3V6t4V9D0ipPHAb5B1TDKPHyjIknynHxeqE2N45H__3JTPbGhj4npxYPk3KioUzjh1qi0QXGX9MrbtTYV8LXIRmt4GiCKlgzzNG9XrNsz5aoSMw-2qxvXqZ5aj7CYsj83Gef_BWHADQ-7kn2WJZq_pFJVGyQ&sig=Cg0ArKJSzOtMSH9WoJfdEAE&uach_m=[UACH]&adurl=
Frame ID: 86929F8B4E54B347459402FA8DD0FE30
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUA54VHBhQTcR-FhqRqg4UWMuFPYhSBslOkMFnHuEMC3l1kDSOO95bWho9qRJLALOi5Xw51MgHj3U6YyjE5iI9QmmVuT0sGVL3BKDSK86QBIHFmVP-8QiAj4VzbWP9SQyFZdxDvkPLjQSI_EFZe1u2lNNZg5XB2LptHFUzGya9zRfRP0LSF3HpBd15QXLZz3x8z4iC9-is-edTdX28fnRFVXtk2OfWGQs8JNlJSjuJlVElTlWUFjUP4kv5y6gesETYmtaMRBM8j-kdqzxLRWoI6qHIgB0vDwUVwy57Ku1YcpR0AdwpsNwRdTwqW0QTv806CbJkg_8meuc&sig=Cg0ArKJSzDWcyqy9JF_1EAE&uach_m=[UACH]&adurl=
Frame ID: C3AE63F1CDAE711DF61A7F1C5BB1312C
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
Frame ID: 42F392D2217233486B16000D12D4ED2E
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9D70B3A69B17D6217BB6CF292CC25259
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 989587934A10403724156548E4EBCAD0
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 28E3D00FC2A01D03816DBC6D39990EA5
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A309078E0054E8FF6427813E70FE7D51
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7DD182955B27FE3C56AE77C4ECF68BC4
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CODnIhCTpLvQAhio4Kq6ATAB&v=APEucNWVTmZAL1fqrlUQv7ZBesBA39nKZQ8yphpaNtmpSj8DcJ5xPQGGzC7phKIRCeBFcf2o8X1sSDksBoTSC-8RfGxFPl9KQ3J1HuSp_HhpuqGVOFyzjEr82VyYLcVcuVpKZjnshcZc8IgEM-WQSH4bS0iPuKpl3NJFXjA70a14JUg8qJ-DtJQ
Frame ID: 5FA5AD15A41E85906EF859CF82B6A26B
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E7DD691404F4789AB4EF50FBA8C39E67
Requests: 5 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 8125D2BF80CD2307D954AE6CA804D86C
Requests: 9 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Frame ID: EC3690928087D2376A4243E80DA8A85C
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: D68E20E8F1A0B87C267DD443E78891CE
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: E3BA31A51259EB5BA934FED34AC7E034
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 4186EB52B51B3279FBCF1E696A881370
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 410DDD64108922DEF48FD28B741DADA0
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4C274ABE20591F66A1D586F43C231078
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=2A4C2021-80DF-44D3-9139-A753695F86E7
Frame ID: A87F6A82BEE9CE79C3F7DC0C4C3EFA94
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6153006215413666020
Frame ID: 565A25794BFE78A2304BC96D33A3C4E0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 964810370DDC0AE6384A2171D7552683
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7028950190242595175
Frame ID: 604C7547D79DD6304FAE9C8FC2529A3C
Requests: 1 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/00/e2/a3/55/iframe.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqMQ39NiLYbGSKcbr3wPE%2DKioCY6ywoxmsZyzoIoP0K%5Fk1I4qEAEg2NXYK2CVupSCoAegAbXy8pMoyAEJqQL74K4rJGazPqgDAaoE4QFP0OFDoKJBb5EAZE0AUWW0qSm6MQKSAF3xKNsZ74fgJAbk90GQnJIlU940mJKDCxrqPtZKeDYgkqBu5z6BLP%5FbNchTkUKYAWQNdcbr9nmlGAmfVEVImwOTGOzmd11T9Z0j9u25MfvffRq%2DlSuFBo%5FO5T7m302SnQsxDv09WQdpPg5GyzWER5c3PgkBcJb4thgoRnR6uxq6gYFEAE90yzs0bNQzBx2bwm5l5wUz9whuw9y7aKrrIhav2TiVE7BKyd%2DXdpxf2%5FL9drp9u7WtB%2D%2DKdnxbM4YWxPyEp0IiLBcJTXLABNLkxInfA%2DAEA5AGAaAGTYAHtarD8wKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gH89EbqAeW2BuoB6qbsQKoB9%2DfsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU5MTY1NTI4NDc0NTI3NDOACgOYCwHICwGADAGwE%2D60iw3IE4mT1t4D0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoIMuvR8boUwk1slUWWoM00A%26sig%3DAOD64%5F1zU8hjy%2DJry%2D4IywMcCT4URsP2Lw%26client%3Dca%2Dpub%2D3944954862316283%26dbm%5Fc%3DAKAmf%2DBmxdXpBRahsl5PX7Vmd7DlC1fvAU4BeMcUgz%5FHVxzVsLPq5wlzMCBsCpGUEcWQkryCFIhn8wFgTWJ23VLKeyodkgx9c0Vd5xZfta67NNAf2zzokACXwqr2ZHvA%2D3UWm9zjn98zdGmwCYzkejKlBtF%2Dp%5Fy4pA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DC39MuapB0K4iEz2GR25PFWWeHQB8AUGkfGU3Eyobo7WLnfAFNyWR4pyDikng8f3rwHiS7XhBR6U7ywTDVI72m5TKBBDhF6eoJle0Gpp%2DRMVWwK%5FNjwvGxEeV2GoBdl%5FuyfW0o9SxuBe6Ejsptit0XwEbJxc6wxpic6CJxc2uwWHkuc2Bf493f0u4lvDG3e%2DksG1eiAV6MYeLEovd%5FwasJtM5%2DBdwKKHGBa8%5Fer5jHuY85IeuvF%2DOWYJmjQNrUE4nuxFRKhGufianHXbMUG3yLZqadfYqdU%5FY82c2UrekGu1XPfCwfIY4kO8YdkNRaoHU6q6Zu7OwL3gWqlIvjqTOl7rYRHAQl1zfAwTev6GBpj65ov%5F8BlHX7%5F0sMqnvRfVYb5HYotg9QT2VeMobGC7XPqFyHyRSpYLXv8RPEIro3jUlKeHeIaDBlmeRQ3eQYJ40SAMt%5FiPlPpNR1APWkvZC1BvLVccFedirSeZNCMp8CEPba89bQgZm5m5%5F%2D1YZSDrwpIfZUO%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7028950194541625705%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7028950190242595175%2526sid%253D4699120%2526kid%253D4799962%2526bid%253D14849423%2526c%253D22700%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7028950203112948952%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7028950190242595175%2526sid%253D4603449%2526kid%253D4709716%2526bid%253D14852949%2526c%253D12065%2526keyword%253DPACS%25255F4699120%25255F14849423%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: B74DFC0E4CC680F599BD9809B99EEFAF
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B1279923F64B61A979568443A8B0DC9D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7AA629F29466DFF235159DE8482C7B0C
Requests: 5 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 08A9E23C6162EE5748332387F08F6D58
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2F50A83DAA028656444A7885632C17C8
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636555000983-939322734563-005799-005-002202%26biddername%3D1%26key%3D
Frame ID: 0E888F2D7B826D6304D362C65275BAB5
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636555000983-939322734563-005799-005-002202%26biddername%3D42%26key%3D
Frame ID: 4037765A2B86130F48925DA58E10FDC4
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Frame ID: 46C1691BAB42105AF9924B7C3694131B
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 7F52DCE3D1967F7731E89A6F778D4EC0
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 7AC51F157082AD3C113336E4CF4FD2EC
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 2ADF058E017F4EE71F94660D6B5F9D73
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: FB0007F02FB6C9B170BC54FF20B86F16
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 3F0A8D4309EDBCA3DA9AA0929F13F9A6
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Frame ID: BE71D7A7EC213698D0C8A9A5B073A0A4
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Frame ID: F70A8C6F2F264B8AE11EECA8F41CA483
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Frame ID: 2F50987A73C70D0A31A269C1DCA57F5B
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Frame ID: 907DD71837858670815F36AB86BFDF20
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Frame ID: 0179B967D03132EF70DB5DFF5E157B36
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: D9A6FE3BB23B66E086C4D2327A92B95E
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Frame ID: 99576BB5F6D21A456D04CEF637B3BA66
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2B494BD0E0D0EAA0A783E41D676D4779
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 01E83B7DF2C516594B49825081944B26
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 400A00E62BC407A5CF4D98467EF9B2F7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: BC95992B6670A4797E2F88B81C87F5AB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F2CA6D9FD273314EBED61E96CD153740
Requests: 1 HTTP requests in this frame

Frame: https://www.instagram.com/accounts/login/
Frame ID: 9BD697E99EA8F12C0E4285181F619033
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYvY8wADhPvA_AAz&gdpr=0&gdpr_consent=
Frame ID: 373C5097968875AEA9AADCF36A9357C9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGie07DF7IAACh6cQxlxg
Frame ID: 8068CD61C29CACD5A10419EA3BA60F66
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 58A5F18EB16F9D115D2084980C57FFB8
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 9B38693187F197C377CCB201BEB5640A
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: B05F39DFA4C3AC4A369B7F4F676923F8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-39d140a8-5cf1-4807-ae40-6ab0f2286b01-003
Frame ID: 65AF19515F39D6AD8F893F75D696F492
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=88XOl9wnxstqlRkUmmXAXy1M
Frame ID: E31864A14DEC6E41496B5C988C09F58F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=58964153146762
Frame ID: 5C219724122C87470AECE5E48FED0956
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 052EC4AC039ACF4E565BEBABAA5C932A
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: EA6CFB2E46E6CF649428ECB01B018195
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=148684ee-9d3b-4754-a0c0-c21df813735a-tuct8855e7b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 099CA502A372C76901EBE5B4EFF270F6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=3ffafffe-9d3f-47cc-bfbc-3aa052675337
Frame ID: 396C6D2BC6FD782112D13950A1CEC52B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:QeUOEAnb1MKOIn5&gdpr=0&gdpr_consent=
Frame ID: 3CBA1CA88E347E448FD157047B72B4AB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8F3145E21F714E699B5B0C69874CBA32
Frame ID: A6D99B4ED659513C6D8E98B1EB461DF9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MB3e2du3RDVgDP5wLbdDhqh3GcU
Frame ID: C69CEF2422E8DD3BB7B4177B89F7B433
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: A346166C588660576796D405A574734B
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Frame ID: 84A74C9F8630467307D2E43694CDD75C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3A86D850CD2DC02D67A7A7C6251BF58F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Who is Arazou Baker From Cinderella? Meet her Family Boyfriend & Instagram.

Page Statistics

1323
Requests

84 %
HTTPS

22 %
IPv6

135
Domains

234
Subdomains

145
IPs

15
Countries

13199 kB
Transfer

29571 kB
Size

208
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://platform.instagram.com/en_US/embeds.js HTTP 301
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Request Chain 6
  • https://www.tiktok.com/embed.js HTTP 302
  • https://sf16-scmcdn-sg.ibytedtos.com/goofy/tiktok/falcon/embed/embed_v0.0.8.js
Request Chain 18
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Request Chain 26
  • https://www.instagram.com/p/CT2yL-Voq6a/embed/captioned/?cr=1&v=13&wp=540&rd=https%3A%2F%2Fans-wer.com&rp=%2Farazou-baker-cinderella-role-and-instagram HTTP 302
  • https://www.instagram.com/accounts/login/
Request Chain 68
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=primis&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
Request Chain 69
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D618bd8f0b4cd9%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D618bd8f0b4cd9%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=99e426a8-4233-11ec-9c19-197e22df0506 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=618bd8f0b4cd9&pixel=&advId=94&advUuid=99e42651-4233-11ec-9c19-197e22df0506
Request Chain 70
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D618bd8f0b4cd9%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D618bd8f0b4cd9%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=618bd8f0b4cd9&pixel=&advId=98&advUuid=a2b1c853-5b35-496e-9674-e942dd3424d4
Request Chain 83
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D618bd8f0b4cd9%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=618bd8f0b4cd9&pixel=&advId=93&advUuid=713a3de2-c34c-4d71-b847-02e5a81c8a93
Request Chain 84
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D618bd8f0b4cd9%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D618bd8f0b4cd9%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=618bd8f0b4cd9&pixel=&advId=99&advUuid=YYvY8QGE8OpYyuYAqwdzdQAABIgAAAAB
Request Chain 85
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D618bd8f0b4cd9%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D618bd8f0b4cd9%2526pixel%253D%2526advId%253D105%2526advUuid%253D%2524UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=618bd8f0b4cd9&pixel=&advId=105&advUuid=4777276572329354755
Request Chain 99
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 119
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=EOA0VHTlN7sWT0ZE90fa&pi=admatic&tc=1
Request Chain 149
  • https://ih.adscale.de/uu?cbfn=receive&t=1636554994 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1636554994&nut&uu=8e764321958a4acab0c667c0d20c11d8
Request Chain 173
  • https://d.agkn.com/pixel/2175/?google_gid=CAESENPMozUUsmUblLnF3zqGFUw&google_cver=1&google_push=AYg5qPK-vUZQ9SWrsCPVXL_mRT_BANn0JmeeEajmajY-jPwbOQSymGh47SgGF6UqZnRmA_5LkBX-am1GCRTR3-HWj7zbAvwu19DY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPK-vUZQ9SWrsCPVXL_mRT_BANn0JmeeEajmajY-jPwbOQSymGh47SgGF6UqZnRmA_5LkBX-am1GCRTR3-HWj7zbAvwu19DY&google_hm=Q0FFU0VOUE1velVVc21VYmxMbkYzenFHRlV3
Request Chain 174
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKMlrmO9avtiq-mKs1c5j4MRB8Czt8GwZ8wLyiYi2cogvz4Zh6P8ac3Qq7BNqEqVoipfH0ys59OA5ApaC9KKXv0Gpchfw4y&google_gid=CAESEN4YFjBMCG_4ji-cdbc_QuY&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKMlrmO9avtiq-mKs1c5j4MRB8Czt8GwZ8wLyiYi2cogvz4Zh6P8ac3Qq7BNqEqVoipfH0ys59OA5ApaC9KKXv0Gpchfw4y&google_gid=CAESEN4YFjBMCG_4ji-cdbc_QuY&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMTAxNDM2MzUwMDA2NTIwNzIyNDg3OA%3D%3D&google_push=AYg5qPKMlrmO9avtiq-mKs1c5j4MRB8Czt8GwZ8wLyiYi2cogvz4Zh6P8ac3Qq7BNqEqVoipfH0ys59OA5ApaC9KKXv0Gpchfw4y
Request Chain 175
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEA_QxioUlbmGhqIn2Kz57NY&google_push=AYg5qPJLTsmX3R9hqVK05z79d2c6EKKcYNzUx1IlaOSsKbYu_yJ3xMVIdojMTS84IHBLBOlZi9BOUuBdSLbW6o3s6RO-phptqRcr&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPJLTsmX3R9hqVK05z79d2c6EKKcYNzUx1IlaOSsKbYu_yJ3xMVIdojMTS84IHBLBOlZi9BOUuBdSLbW6o3s6RO-phptqRcr&google_hm=MTA4MTUzMjQxMzc2MjY5ODI1Mjc
Request Chain 176
  • https://rtb.openx.net/sync/dds?google_gid=CAESED4M0V3aXk5Cav008Z6p_vc&google_cver=1&google_push=AYg5qPLay74TFYC9aQGp-Q6tXltB4fVuP9qmk0FisDDxdjrSTxONr62T2WIPeZBwbHPejpRoOHdhy8iVZ1YjagwsgNmmhb90szvZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLay74TFYC9aQGp-Q6tXltB4fVuP9qmk0FisDDxdjrSTxONr62T2WIPeZBwbHPejpRoOHdhy8iVZ1YjagwsgNmmhb90szvZ&google_hm=ikKk3771yLM0ZTPW4mVdew==
Request Chain 177
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOTY6hsKh2YzoX2LGqFfy8s&google_cver=1&google_push=AYg5qPKVmhL9sk1OWpo0XTyDn6lEOwp7XZyUfe6u29hj5zjCfBGAw7Ogebh6wRE6RspHPXbX4nEqGWdf21NEyjBg2ahUHV7ie2lc HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOTY6hsKh2YzoX2LGqFfy8s&google_cver=1&google_push=AYg5qPKVmhL9sk1OWpo0XTyDn6lEOwp7XZyUfe6u29hj5zjCfBGAw7Ogebh6wRE6RspHPXbX4nEqGWdf21NEyjBg2ahUHV7ie2lc&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KkwgIYDfRNOROadTaV-G5w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKVmhL9sk1OWpo0XTyDn6lEOwp7XZyUfe6u29hj5zjCfBGAw7Ogebh6wRE6RspHPXbX4nEqGWdf21NEyjBg2ahUHV7ie2lc
Request Chain 178
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOtYiJ0mUkzseXLts7gWaFo&google_cver=1&google_push=AYg5qPLqO9ARlIAbaAYpla0AElfQk_WeMzAhnK04ADjvP3WkpKzLHCnNbk9JAZz3HwcPHOivuMyEV5hdci9DezqF3xhBmgFb3T3S7Q HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLqO9ARlIAbaAYpla0AElfQk_WeMzAhnK04ADjvP3WkpKzLHCnNbk9JAZz3HwcPHOivuMyEV5hdci9DezqF3xhBmgFb3T3S7Q&google_hm=
Request Chain 182
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 274
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=8e764321958a4acab0c667c0d20c11d8&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F20da2d6b88c24b548b9cb4016fe36a90%2F1636554995026%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/20da2d6b88c24b548b9cb4016fe36a90/1636554995026/0/img?tpid=101&tpuid=BBID-01-03112689953354196-16442748
Request Chain 297
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP9b0a1fd4-4233-11ec-9c8c-06f28f52458a HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP9b0a1fd4-4233-11ec-9c8c-06f28f52458a&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA5YjBhMWZkNC00MjMzLTExZWMtOWM4Yy0wNmYyOGY1MjQ1OGE%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEDcAydqIcqMeIpu6afo3CQE&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDcAydqIcqMeIpu6afo3CQE&google_cver=1&apid=UP9b0a1fd4-4233-11ec-9c8c-06f28f52458a
Request Chain 298
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=33550408-bd18-4c2e-af2d-417206d04e39&_origin=1&gdpr=1&gdpr_consent=
Request Chain 299
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_test=YYvY8wADhPvA_AAz HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YYvY8wADhPvA_AAz&_origin=0&gdpr=1&gdpr_consent=&_test=YYvY8wADhPvA_AAz
Request Chain 304
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=d3bfd47819b750e0df38332f90f3177e72d93cc987d2dbde736e1794e8f3d1bb&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F20da2d6b88c24b548b9cb4016fe36a90%2F1636554995026%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=0&gdpr_consent=
Request Chain 329
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F20da2d6b88c24b548b9cb4016fe36a90%2F1636554995026%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/20da2d6b88c24b548b9cb4016fe36a90/1636554995026/0/img?tpid=75&tpuid=4777276572329354755&gdpr=0
Request Chain 333
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=d4d4326bedf0affa089aa556c28612679561bf1f5e829366db2d2ce7efa3dff2&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F20da2d6b88c24b548b9cb4016fe36a90%2F1636554995026%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YYvY8QGE8OpYyuYAqwdzdQAA%261160
Request Chain 366
  • https://track.adform.net/serving/cookie/match/?party=9&uid=eabf167ca235dc42265c5e54ce6b52b316c07da04f310e97bcb062927f7dc5f0&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F20da2d6b88c24b548b9cb4016fe36a90%2F1636554995026%2F0%2Fimg&gdpr=0 HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=eabf167ca235dc42265c5e54ce6b52b316c07da04f310e97bcb062927f7dc5f0&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F20da2d6b88c24b548b9cb4016fe36a90%2F1636554995026%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/20da2d6b88c24b548b9cb4016fe36a90/1636554995026/0/img?tpid=42&gdpr=0&tpuid=1005411107955032424
Request Chain 393
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=581d716215c1354dd8ae0871b86f0d74def3b7993bc690edd6b711f441aa86cd&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F20da2d6b88c24b548b9cb4016fe36a90%2F1636554995026%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=dde55b03-0936-408c-b2f7-67df16eec374&gdpr=0
Request Chain 414
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=admatic HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=admatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=1005411107955032424&ssp=admatic HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
Request Chain 416
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=d52e8fa848e2328017136de2e84ca1e6f445cf9bd8397871e84c7fddacbbd2bb&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F20da2d6b88c24b548b9cb4016fe36a90%2F1636554995026%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=0&gdpr_consent=
Request Chain 418
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=91bbc2ad85d9b71f036426707f2d9821943226562181e7906971165d85568e48&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F20da2d6b88c24b548b9cb4016fe36a90%2F1636554995026%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=91bbc2ad85d9b71f036426707f2d9821943226562181e7906971165d85568e48&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F20da2d6b88c24b548b9cb4016fe36a90%2F1636554995026%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/20da2d6b88c24b548b9cb4016fe36a90/1636554995026/0/js?tpid=48&tpuid=182b6e0465439784c56d0eab985d5c45
Request Chain 603
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
Request Chain 604
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYvY8QGE8OpYyuYAqwdzdQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
Request Chain 605
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIkZPaaSRy3EwZ9cQqtgrPo&google_cver=1
Request Chain 606
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3NzI3NjU3MjMyOTM1NDc1NQ%3D%3D
Request Chain 608
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
Request Chain 609
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYvY8QGE8OpYyuYAqwdzdQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
Request Chain 610
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIkZPaaSRy3EwZ9cQqtgrPo&google_cver=1
Request Chain 611
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3NzI3NjU3MjMyOTM1NDc1NQ%3D%3D
Request Chain 614
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
Request Chain 615
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYvY8QGE8OpYyuYAqwdzdQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
Request Chain 616
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIkZPaaSRy3EwZ9cQqtgrPo&google_cver=1
Request Chain 617
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3NzI3NjU3MjMyOTM1NDc1NQ%3D%3D
Request Chain 618
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
Request Chain 619
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYvY8QGE8OpYyuYAqwdzdQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
Request Chain 620
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIkZPaaSRy3EwZ9cQqtgrPo&google_cver=1
Request Chain 621
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3NzI3NjU3MjMyOTM1NDc1NQ%3D%3D
Request Chain 649
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
Request Chain 650
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYvY8QGE8OpYyuYAqwdzdQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
Request Chain 651
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIkZPaaSRy3EwZ9cQqtgrPo&google_cver=1
Request Chain 652
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3NzI3NjU3MjMyOTM1NDc1NQ%3D%3D
Request Chain 708
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
Request Chain 709
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
Request Chain 710
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
Request Chain 714
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
Request Chain 715
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
Request Chain 716
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
Request Chain 718
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
Request Chain 719
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
Request Chain 720
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
Request Chain 722
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
Request Chain 723
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
Request Chain 724
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
Request Chain 757
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
Request Chain 758
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
Request Chain 759
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
Request Chain 766
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
Request Chain 767
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
Request Chain 768
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
Request Chain 808
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBInnOxKFzIToguie6r9iR8&google_cver=1&google_push=AYg5qPIah5zedyv4loSpOZwAnW18o5sXMKMF5AcmYpBNp67826TeVX87hsRcNowFShYxRQK767VHm0-Cm7wimDnED9AFhj2oviFr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPIah5zedyv4loSpOZwAnW18o5sXMKMF5AcmYpBNp67826TeVX87hsRcNowFShYxRQK767VHm0-Cm7wimDnED9AFhj2oviFr
Request Chain 809
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFP88w5nmRhY0MXZNtnACQg&google_cver=1&google_push=AYg5qPJhWngazhh7LpMI8rq0NomCtPCAM3Mk2Vx0BMc4D2pyBK09y9Uoq0DgnDM1GZmUmG6-wkjmHjhWXO7_uW6NFEWtSWmF0h7U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJhWngazhh7LpMI8rq0NomCtPCAM3Mk2Vx0BMc4D2pyBK09y9Uoq0DgnDM1GZmUmG6-wkjmHjhWXO7_uW6NFEWtSWmF0h7U&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Request Chain 829
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=1&gdpr_consent=
Request Chain 856
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=4777276572329354755
Request Chain 857
  • https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOZvdHj4twhNFN5lnLzPosOk74mZYWYgsBbmP6qQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=e655f21b-811b-499c-b1de-37ff6ab6a350&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOZvdHj4twhNFN5lnLzPosOk74mZYWYgsBbmP6qQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=e655f21b-811b-499c-b1de-37ff6ab6a350&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/146/6/4.gif?puid=d532da7e-8a78-4d44-ba06-01bbe3e2ba03&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESECJDOQtq8OLwru56k6K2Q78&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESECJDOQtq8OLwru56k6K2Q78&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4777276572329354755&opid=apx&ops=&utidl=tech:goo:CAESECJDOQtq8OLwru56k6K2Q78&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22385448002&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/19/4/6.gif?puid=a064a09346fcf640decd2c1a8084a062&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOZvdHj4twhNFN5lnLzPosOk74mZYWYgsBbmP6qQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/160/3/7.gif?puid=63216703751941907133781990417336664270&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=494279&dpuuid=ID5-ZHMOZvdHj4twhNFN5lnLzPosOk74mZYWYgsBbmP6qQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F340%2F2%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Request Chain 858
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 861
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=5600a26d-87f0-4892-ad2c-549534a949f8
Request Chain 862
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=laazBrIQ0lA6 HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=1045131238910643293&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 863
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=33550408-bd18-4c2e-af2d-417206d04e39&ttl=1639146998
Request Chain 865
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=EOA0VHTlN7sWT0ZE90fa&pi=mgid
Request Chain 866
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=665953&c=e655f21b-811b-499c-b1de-37ff6ab6a350
Request Chain 868
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=laazBrIQ0lA6 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=7e1f55f9-aa7c-42d9-8550-d757745cea49&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Request Chain 869
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=88XOl9wnxstqlRkUmmXAXy1M&ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=7e1f55f9-aa7c-42d9-8550-d757745cea49&gdpr=&gdpr_consent=&us_privacy=
Request Chain 870
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGFhekJySVEwbEE2&muidn=laazBrIQ0lA6 HTTP 302
  • https://cm.mgid.com/google?muidn=laazBrIQ0lA6&google_ula={guid},5&google_gid=CAESEOvgwM5xp2ws68PQa-P5aNM&google_cver=1
Request Chain 910
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBInnOxKFzIToguie6r9iR8&google_cver=1&google_push=AYg5qPKYfImlH7TNNpniEWcR1hzTE0N-Dm3C-8B4oyHuWsBxQYCKiei4X_Tssz8vHSChC1TFZyejdR3kqLV432Rzsew-k1bj11oG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPKYfImlH7TNNpniEWcR1hzTE0N-Dm3C-8B4oyHuWsBxQYCKiei4X_Tssz8vHSChC1TFZyejdR3kqLV432Rzsew-k1bj11oG
Request Chain 911
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFP88w5nmRhY0MXZNtnACQg&google_cver=1&google_push=AYg5qPLouej9i1Hq4EoVrP5nSHHThcgAXzsO8-V29PVT__tPsgKSDs3HlKzF55YikJBgMdBfw7kue-B-bk7ubzL_7BqCHE5NJnpG HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5134455419410995139&expires=30&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIl9flp8i-9lBrbJNE5UPeHxvafgb8XztJpDIWU1-Hg3EamTxb_9sCard7wStyRznTEJvPITNx7LwN7xgGtQsXTslLvEULL&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Request Chain 927
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QeUOEAnb1MKOIn5
Request Chain 928
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=d532da7e-8a78-4d44-ba06-01bbe3e2ba03&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=7e1f55f9-aa7c-42d9-8550-d757745cea49
Request Chain 929
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4777276572329354755
Request Chain 930
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHWHhVN0RGN0lBQUNoeWRlTzVTZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGie07DF7IAACh6cQxlxg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGie07DF7IAACh6cQxlxg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Request Chain 931
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d89f618b-d8f3-4600-8acc-223fc44e81b7
Request Chain 933
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1005411107955032424
Request Chain 936
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
Request Chain 937
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QeUOEAnb1MKOIn5
Request Chain 938
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=openx&g=1&gdpr_pd=&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=7e1f55f9-aa7c-42d9-8550-d757745cea49
Request Chain 939
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4777276572329354755
Request Chain 940
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFamlFN0RGN0lBQUNoZnNhUGs5UQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGie07DF7IAACh6cQxlxg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGie07DF7IAACh6cQxlxg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAGie07DF7IAACh6cQxlxg&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGie07DF7IAACh6cQxlxg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Request Chain 941
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d89f618b-d8f3-4600-8acc-223fc44e81b7
Request Chain 943
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1005411107955032424
Request Chain 946
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
Request Chain 947
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QeUOEAnb1MKOIn5
Request Chain 948
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=7e1f55f9-aa7c-42d9-8550-d757745cea49&ssp=openx&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10815324137626982527&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dopenx%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10815324137626982527&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dopenx%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=40136134-9f29-4cd3-8275-e7b25860b03e&ssp=openx&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=266350603966001742240&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10815324137626982527&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
Request Chain 949
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4777276572329354755
Request Chain 950
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHaWUwN0RGN0lBQUNoNmNReGx4Zw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGie07DF7IAACh6cQxlxg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGie07DF7IAACh6cQxlxg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Request Chain 951
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d89f618b-d8f3-4600-8acc-223fc44e81b7
Request Chain 953
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1005411107955032424
Request Chain 956
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
Request Chain 957
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=3AC6C3F89C0B4D8088BC325684233F3F
Request Chain 958
  • https://j.mrpdata.net/c.html?ex=OpenX HTTP 302
  • https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
Request Chain 960
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
Request Chain 962
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YYvY8wADhPvA_AAz
Request Chain 963
  • https://green.erne.co/openx/cm HTTP 302
  • https://pixel.onaudience.com/?mapped=88XOl9wnxstqlRkUmmXAXy1M&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253D88XOl9wnxstqlRkUmmXAXy1M HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253D88XOl9wnxstqlRkUmmXAXy1M HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253D88XOl9wnxstqlRkUmmXAXy1M&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=5067b044a5fdb99b07a9b0b64e8178c1&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253D88XOl9wnxstqlRkUmmXAXy1M HTTP 302
  • https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3D88XOl9wnxstqlRkUmmXAXy1M HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=88XOl9wnxstqlRkUmmXAXy1M
Request Chain 964
  • https://ad.turn.com/r/cs?pid=9&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7358448861426564282&gdpr=1&gdpr_consent=&us_privacy=
Request Chain 965
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=ikKk3771yLM0ZTPW4mVdew==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 967
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=8F3145E21F714E699B5B0C69874CBA32
Request Chain 968
  • https://j.mrpdata.net/c.html?ex=OpenX HTTP 302
  • https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
Request Chain 970
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
Request Chain 972
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YYvY8wADhPvA_AAz
Request Chain 973
  • https://green.erne.co/openx/cm HTTP 302
  • https://pixel.onaudience.com/?mapped=88XOl9wnxstqlRkUmmXAXy1M&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253D88XOl9wnxstqlRkUmmXAXy1M HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253D88XOl9wnxstqlRkUmmXAXy1M HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253D88XOl9wnxstqlRkUmmXAXy1M HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=a064a09346fcf640decd2c1a8084a062&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253D88XOl9wnxstqlRkUmmXAXy1M HTTP 302
  • https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3D88XOl9wnxstqlRkUmmXAXy1M HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=88XOl9wnxstqlRkUmmXAXy1M
Request Chain 974
  • https://ad.turn.com/r/cs?pid=9&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7430506455464492218&gdpr=1&gdpr_consent=&us_privacy=
Request Chain 975
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=ikKk3771yLM0ZTPW4mVdew==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 1027
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=33550408-bd18-4c2e-af2d-417206d04e39
Request Chain 1028
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=33550408-bd18-4c2e-af2d-417206d04e39
Request Chain 1029
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=33550408-bd18-4c2e-af2d-417206d04e39
Request Chain 1032
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=33550408-bd18-4c2e-af2d-417206d04e39
Request Chain 1033
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=33550408-bd18-4c2e-af2d-417206d04e39
Request Chain 1035
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBInnOxKFzIToguie6r9iR8&google_cver=1&google_push=AYg5qPKZAPp3RaUjdXk3W4uOq5LzN16mRAx6VXhlbYysArmme5Spc6Ii14LSGChbz9aFXhoO5ZDinMJEkfdYR9C6kMHTdyn6QImE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPKZAPp3RaUjdXk3W4uOq5LzN16mRAx6VXhlbYysArmme5Spc6Ii14LSGChbz9aFXhoO5ZDinMJEkfdYR9C6kMHTdyn6QImE
Request Chain 1036
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFP88w5nmRhY0MXZNtnACQg&google_cver=1&google_push=AYg5qPIl9flp8i-9lBrbJNE5UPeHxvafgb8XztJpDIWU1-Hg3EamTxb_9sCard7wStyRznTEJvPITNx7LwN7xgGtQsXTslLvEULL HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=de6d7130-c237-42df-b4e9-b82e73abad79&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL4ZF1dE_OO93PCGNI_K-R63Qtw3oLm12ovMiPRpEPm-qtONJuF6jyokmWTRkvOJfBRUcxhyN7N-jRrNFTOUntOf1KmHo0&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Request Chain 1062
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKIFkO56uy6fq6Q8ico2YE0&google_cver=1
Request Chain 1063
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTllNDI2NTEtNDIzMy0xMWVjLTljMTktMTk3ZTIyZGYwNTA2
Request Chain 1067
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6153006215413666020
Request Chain 1068
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 1069
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7028950190242595175
Request Chain 1070
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KkwgIYDfRNOROadTaV-G5w%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 1071
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d89f618b-d8f3-4600-8acc-223fc44e81b7
Request Chain 1072
  • https://pixel.onaudience.com/?partner=214&mapped=2A4C2021-80DF-44D3-9139-A753695F86E7 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=5067b044a5fdb99b07a9b0b64e8178c1
Request Chain 1073
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkE0QzIwMjEtODBERi00NEQzLTkxMzktQTc1MzY5NUY4NkU3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 1074
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE2n0WF0C_OvY5JF2XM82qA&google_cver=1
Request Chain 1076
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=0&gdpr_consent=
Request Chain 1077
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=33550408-bd18-4c2e-af2d-417206d04e39
Request Chain 1078
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1005411107955032424
Request Chain 1079
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4777276572329354755&gdpr=0&gdpr_consent=
Request Chain 1081
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2A4C2021-80DF-44D3-9139-A753695F86E7&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XFNxzC1E2uU_Rxb0bPL93vRIAZ6_ZAc-~A&gdpr=0&gdpr_consent=
Request Chain 1083
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYvY8QGE8OpYyuYAqwdzdQAABIgAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYvY8QGE8OpYyuYAqwdzdQAABIgAAAAB&dcc=t
Request Chain 1084
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYvY8QGE8OpYyuYAqwdzdQAABIgAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOOrrwq6_9QLaS1KMCpyWO4&google_cver=1
Request Chain 1088
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639147000
Request Chain 1095
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=1&gdpr_consent=
Request Chain 1096
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGie07DF7IAACh6cQxlxg&expiration=1637764600&gdpr=1
Request Chain 1097
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7430506455464492218
Request Chain 1100
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YYvY8QGE8OpYyuYAqwdzdQAA%261160?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYvY8QGE8OpYyuYAqwdzdQAA%261160?gdpr_consent=&us_privacy=&gdpr=1
Request Chain 1105
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7430506455464492218
Request Chain 1106
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=1&gdpr_consent=
Request Chain 1108
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 1114
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBInnOxKFzIToguie6r9iR8&google_cver=1&google_push=AYg5qPKznSkgStMNHLM403pHA0LC6OSnm-3hnJ9yLeiRFYKMaEC4kUjy1uHmFkeHrHOxOxTppnQLVMturuJh_Vyr7ASSSCI8mUau HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPKznSkgStMNHLM403pHA0LC6OSnm-3hnJ9yLeiRFYKMaEC4kUjy1uHmFkeHrHOxOxTppnQLVMturuJh_Vyr7ASSSCI8mUau
Request Chain 1115
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFP88w5nmRhY0MXZNtnACQg&google_cver=1&google_push=AYg5qPJjq2wQRy7qUJmzliZJUaqwoALgwYOeV3UnDmU3shlMGLMmISX2NJwV9AkAXMzYYIUvjsDEusu2FPtlL4mjHvguKCpN01Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJjq2wQRy7qUJmzliZJUaqwoALgwYOeV3UnDmU3shlMGLMmISX2NJwV9AkAXMzYYIUvjsDEusu2FPtlL4mjHvguKCpN01Q&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Request Chain 1120
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636641400&gdpr=1
Request Chain 1123
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YYvY8QGE8OpYyuYAqwdzdQAA%261160?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYvY8QGE8OpYyuYAqwdzdQAA%261160?gdpr_consent=&us_privacy=&gdpr=1
Request Chain 1129
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636641400&gdpr=1
Request Chain 1134
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 1137
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBInnOxKFzIToguie6r9iR8&google_cver=1&google_push=AYg5qPI-IjngZbkF3V9qqyfibOMnLGI-sTyRIKWROHKFE5_OneMz3Vq8XidIkNGwKbdnhsUo9qivIdYs8ar7qc0XPX5s_6xp7l8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPI-IjngZbkF3V9qqyfibOMnLGI-sTyRIKWROHKFE5_OneMz3Vq8XidIkNGwKbdnhsUo9qivIdYs8ar7qc0XPX5s_6xp7l8
Request Chain 1138
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFP88w5nmRhY0MXZNtnACQg&google_cver=1&google_push=AYg5qPLedD1qGUqJRIFjP2UkqWIDJ_lcs-walj2sHGecVq55l_yLiIRv-wwa5SiySwg0ugiwTOi2E3-kSzKwPvEs5mfmW5Az3gI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLedD1qGUqJRIFjP2UkqWIDJ_lcs-walj2sHGecVq55l_yLiIRv-wwa5SiySwg0ugiwTOi2E3-kSzKwPvEs5mfmW5Az3gI&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Request Chain 1143
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBInnOxKFzIToguie6r9iR8&google_cver=1&google_push=AYg5qPJJdQiz9glvOv1EQyXcssJsWVNDx6ii9u9U8OLgZVSzoxveuSkkuOsuuxcQGRsqsIzcDCaID9vFB4z2dXKporGTqfRNo7I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPJJdQiz9glvOv1EQyXcssJsWVNDx6ii9u9U8OLgZVSzoxveuSkkuOsuuxcQGRsqsIzcDCaID9vFB4z2dXKporGTqfRNo7I
Request Chain 1144
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFP88w5nmRhY0MXZNtnACQg&google_cver=1&google_push=AYg5qPJ8zzdmKmq2J-40mH15OLx3D7DJFRDiE2M65Knc9f74goZqLSIZonokBufDEB-JHtSrQQDv-aVnhdT7gP-lZuiSnG4LMHM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJ8zzdmKmq2J-40mH15OLx3D7DJFRDiE2M65Knc9f74goZqLSIZonokBufDEB-JHtSrQQDv-aVnhdT7gP-lZuiSnG4LMHM&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Request Chain 1146
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 1152
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBInnOxKFzIToguie6r9iR8&google_cver=1&google_push=AYg5qPLcW3qjB7dzGJnLDF-lDZ_6AQIjpGrX16b7W9BwD7JhSgFeo0zx808dbm-mR_uYPemsKNb1ovlISJ2xIgMvIz1DFzu41w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPLcW3qjB7dzGJnLDF-lDZ_6AQIjpGrX16b7W9BwD7JhSgFeo0zx808dbm-mR_uYPemsKNb1ovlISJ2xIgMvIz1DFzu41w
Request Chain 1153
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFP88w5nmRhY0MXZNtnACQg&google_cver=1&google_push=AYg5qPL4ZF1dE_OO93PCGNI_K-R63Qtw3oLm12ovMiPRpEPm-qtONJuF6jyokmWTRkvOJfBRUcxhyN7N-jRrNFTOUntOf1KmHo0 HTTP 302
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=7e1f55f9-aa7c-42d9-8550-d757745cea49 HTTP 302
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=7e1f55f9-aa7c-42d9-8550-d757745cea49 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=0122f085-b10c-42c0-a3c6-ce5b1898f89c&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI7AwSswaDh4QBi6GCC_W8yH2kY9IGetEY2RdlVSaF4VOjvIVVXBbi_LTw4o4S-lcQvY322bmESTVJ0YgnkeZPa42Kg6akw&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Request Chain 1157
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=admatic&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=33550408-bd18-4c2e-af2d-417206d04e39&expires=30&ssp=admatic&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
Request Chain 1162
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBInnOxKFzIToguie6r9iR8&google_cver=1&google_push=AYg5qPInXjV4bqEb3P_x-Vx58wwhYHTQMdb1XHffbiW9k8kwnIq64fhtDV0x5jf_BuaoBoG0u_FSc3AS3LomYjk7tcUcFmQLq5w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPInXjV4bqEb3P_x-Vx58wwhYHTQMdb1XHffbiW9k8kwnIq64fhtDV0x5jf_BuaoBoG0u_FSc3AS3LomYjk7tcUcFmQLq5w
Request Chain 1163
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFP88w5nmRhY0MXZNtnACQg&google_cver=1&google_push=AYg5qPJZg6CycIERx33eAZ94kHwtqMwb2B9f9bS4LcgwP3vVpuCkJlB1fRpJO45-I0L8AoKm8F8V8hBgVayJ798rKo58e4L8Mw HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=7e1f55f9-aa7c-42d9-8550-d757745cea49 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=7e1f55f9-aa7c-42d9-8550-d757745cea49 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=a649812c-11f7-48c3-97c7-4fd014997fc3&user_group=1&ssp=google&bsw_param=7e1f55f9-aa7c-42d9-8550-d757745cea49 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=fh9V-ap8QtmFUNdXdFzqSQ== HTTP 302
  • https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEFP88w5nmRhY0MXZNtnACQg&google_cver=1
Request Chain 1168
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Request Chain 1178
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBInnOxKFzIToguie6r9iR8&google_cver=1&google_push=AYg5qPIyvMST2TNryKo7vPnLSzhIk7bkVrWPkzM9ffAaKEuJpaaJhYiPPxBH7I_r4ooq8veOerdgTOug7fYr-JZTaeLfFY7Zxzs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPIyvMST2TNryKo7vPnLSzhIk7bkVrWPkzM9ffAaKEuJpaaJhYiPPxBH7I_r4ooq8veOerdgTOug7fYr-JZTaeLfFY7Zxzs
Request Chain 1179
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFP88w5nmRhY0MXZNtnACQg&google_cver=1&google_push=AYg5qPI7AwSswaDh4QBi6GCC_W8yH2kY9IGetEY2RdlVSaF4VOjvIVVXBbi_LTw4o4S-lcQvY322bmESTVJ0YgnkeZPa42Kg6akw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI7AwSswaDh4QBi6GCC_W8yH2kY9IGetEY2RdlVSaF4VOjvIVVXBbi_LTw4o4S-lcQvY322bmESTVJ0YgnkeZPa42Kg6akw&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Request Chain 1199
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 1200
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=QeUOEAnb1MKOIn5&gdpr=1
Request Chain 1201
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455419410995139
Request Chain 1203
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639147001
Request Chain 1253
  • https://eu-u.openx.net/w/1.0/cm?id=05b4ec5e-f604-4a08-bcaf-b4806bac0361&r=https://sync.teads.tv/um?eid=64&uid= HTTP 302
  • https://sync.teads.tv/um?eid=64&uid=e06e74de-f1fe-4ac7-a363-401d3839a7f7
Request Chain 1255
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=0dc2529e-0bd9-ca67-121f-fdf6594fac21 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=0dc2529e-0bd9-ca67-121f-fdf6594fac21&dcc=t
Request Chain 1256
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=5c2f5f5e-820c-4803-a54a-c186c3a29ffd HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=5c2f5f5e-820c-4803-a54a-c186c3a29ffd HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662304077904190
Request Chain 1257
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=9fc13ff9-4233-11ec-b930-65692a6201a5
Request Chain 1258
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1&prevuid=&knw= HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=540394477&val=
Request Chain 1262
  • https://www.instagram.com/p/CSM7kaVI8tk/embed/captioned/?cr=1&v=13&wp=540&rd=https%3A%2F%2Fans-wer.com&rp=%2Farazou-baker-cinderella-role-and-instagram HTTP 302
  • https://www.instagram.com/accounts/login/
Request Chain 1263
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYvY8wADhPvA_AAz&gdpr=0&gdpr_consent=
Request Chain 1264
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGie07DF7IAACh6cQxlxg
Request Chain 1265
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 1268
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5437803960 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/33550408-bd18-4c2e-af2d-417206d04e39 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-39d140a8-5cf1-4807-ae40-6ab0f2286b01-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-39d140a8-5cf1-4807-ae40-6ab0f2286b01-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-39d140a8-5cf1-4807-ae40-6ab0f2286b01-003
Request Chain 1269
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=88XOl9wnxstqlRkUmmXAXy1M
Request Chain 1270
  • https://core.iprom.net/cookiesync HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=58964153146762
Request Chain 1271
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 1273
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=148684ee-9d3b-4754-a0c0-c21df813735a-tuct8855e7b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 1274
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=8F3145E21F714E699B5B0C69874CBA32 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=3ffafffe-9d3f-47cc-bfbc-3aa052675337
Request Chain 1275
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:QeUOEAnb1MKOIn5&gdpr=0&gdpr_consent=
Request Chain 1276
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8F3145E21F714E699B5B0C69874CBA32
Request Chain 1277
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MB3e2du3RDVgDP5wLbdDhqh3GcU
Request Chain 1278
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2A4C2021-80DF-44D3-9139-A753695F86E7&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2A4C2021-80DF-44D3-9139-A753695F86E7&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2A4C2021-80DF-44D3-9139-A753695F86E7&addseg=19,36,42
Request Chain 1279
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=2A4C2021-80DF-44D3-9139-A753695F86E7&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=2A4C2021-80DF-44D3-9139-A753695F86E7&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 1281
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=2A4C2021-80DF-44D3-9139-A753695F86E7 HTTP 302
  • https://a.audrte.com/p
Request Chain 1283
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=75a85a4f-a6c4-4457-8d12-499170e0153b&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7e1f55f9-aa7c-42d9-8550-d757745cea49&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 1285
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7430506455464492218&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1286
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 1287
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:2a449ef7-a26e-442f-b5d0-38fe2ffca3be&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 1288
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4777276572329354755
Request Chain 1290
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9fd1452b-4233-11ec-94b9-77ba70aac1fb&gdpr=0&gdpr_consent=
Request Chain 1315
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=admatic&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=33550408-bd18-4c2e-af2d-417206d04e39&expires=30&ssp=admatic&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
Request Chain 1316
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=7e1f55f9-aa7c-42d9-8550-d757745cea49 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=7e1f55f9-aa7c-42d9-8550-d757745cea49 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=9b7038f5-2a1d-4f3f-8654-a953b7338249&ssp=admatic&expires=30&user_group=5&bsw_param=7e1f55f9-aa7c-42d9-8550-d757745cea49 HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
Request Chain 1343
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadmatic%26bsw_param%3D7e1f55f9-aa7c-42d9-8550-d757745cea49%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=eb3ffc5441354ead98965144c21a57cf&ssp=admatic&bsw_param=7e1f55f9-aa7c-42d9-8550-d757745cea49&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=

1323 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request arazou-baker-cinderella-role-and-instagram
ans-wer.com/ 		33 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
343abd611e26ca76b3fe4588af30ad5c03c9ea3fc08ef9032711b2c76742dafe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lNpU%2BcEh1Ey%2F2gW0DQCCaLLcCjhSfWsWtLDhyQPi6Ho6%2Bi7dECgCjxdArS0wi66t%2BZDU2b3CcuHumQsv04GtD%2BxbPAQXvj1CMt5Y8SJNKfGH6X1rpwURC9gGOAfsWHpBcds%2Bt%2FXoK3qX"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ac00379afcc698b-FRA
content-encoding
br
bootstrap.min.css
ans-wer.com/lib/bootstrap/dist/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ans-wer.com/lib/bootstrap/dist/css/bootstrap.min.css
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Jul 2021 16:34:56 GMT
server
cloudflare
age
1177
etag
W/"1d77d852c685874-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzK1uvTcOLdf7TsncYRxNQKCdFiXnAQdY8yFfYnAWdKn6C0zvGqcot4J2E%2FCcEF1DSEjKUIcpdf8p02fqMEzxMvpCh5WNLfuNQ2IM1%2B00x29mBpgp%2BjKI1ESRGg60TTr1xJ9%2BYRpFXNz"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ac0037d58af698b-FRA
site.css
ans-wer.com/css/ 		602 B
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ans-wer.com/css/site.css
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb189c7a712287e1bf77631c2d61571cf02c910b75aee18e41c298f4ea9dcb8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1177
cf-polished
origSize=1265
last-modified
Mon, 13 Sep 2021 15:48:46 GMT
server
cloudflare
etag
W/"1d7a8b6d61607f1-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GhmctlKg7cosmjmT1YT5WjfD0LrRJ2eTP5G99tGU346M1f48q1ys9Ns8uZemmDDYOe3gZO5xYlhR%2BWDYQAhNsW7NXQI1WT%2BOFz0RsYzQn%2Baw2CydWTU52%2FaB6D%2FjDwurXFbQImEI4kdE"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6ac0037d58b0698b-FRA
cf-bgj
minify
all.css
ans-wer.com/css/ 		84 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ans-wer.com/css/all.css?1
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69da260c5c21cfb3aa86b1497bb3f203ad2e620763e8819d291cc9912ce72832

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1177
cf-polished
origSize=86705
last-modified
Tue, 09 Nov 2021 15:41:26 GMT
server
cloudflare
etag
W/"1d7d580415e45b1-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QG6BFZSPzQxHMtcszgmnLYG%2F8xxQKP8K4UM4%2FS1AOqZziS7brMU30DXkjAuno596uKWyfazodvbdPSCCrPbXJ%2FB1XfNDag7%2FDFFggVJiH97rTeUbwDpAyOD03Oh0UbS%2FHN7PJgpWN1WW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6ac0037d58b3698b-FRA
cf-bgj
minify
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://ans-wer.com/
Origin
https://ans-wer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1158146
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10480
timing-allow-origin
*
last-modified
Tue, 16 Mar 2021 19:29:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60510736-e7d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3P5jpTpeUwKoeJvYY9GFYaJvQqkBx8gCiJsDs7%2B8VjAlm7clBj8Nd0cWLY41sVc%2B1C5SB%2Bn7syQRAM5NPkWokAb0mRc5%2BjaENPdBplo7OIGu9eIOq0t7ENyIVCJnqwUNfnFIhAqG0hffbqbJ3%2FChT%2F6"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ac0037d7d6e4ab5-FRA
expires
Mon, 31 Oct 2022 14:36:32 GMT
ab12745d93c5.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • https://platform.instagram.com/en_US/embeds.js
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Server
2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 03:51:02 GMT
x-fb-trip-id
1679558926
etag
"ab12745d93c5"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-encoding
br
content-length
4843

Redirect headers

date
Wed, 10 Nov 2021 14:36:32 GMT
x-fb-trip-id
1679558926
x-ig-origin-region
ldc
content-type
text/html; charset=utf-8
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control
max-age=21600
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
0
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 18:33:56 GMT
Server
ECS (frb/6725)
Age
1494
Etag
"a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
29104
embed_v0.0.8.js
sf16-scmcdn-sg.ibytedtos.com/goofy/tiktok/falcon/embed/
Redirect Chain
  • https://www.tiktok.com/embed.js
  • https://sf16-scmcdn-sg.ibytedtos.com/goofy/tiktok/falcon/embed/embed_v0.0.8.js
46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sf16-scmcdn-sg.ibytedtos.com/goofy/tiktok/falcon/embed/embed_v0.0.8.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Server
2a02:26f0:ef::5c7b:c29b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
50f198c4c8deabd496e3f6674504214a643b120144697fe02126143ed2031eb3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-akamai-request-id
6adcfef
date
Wed, 10 Nov 2021 14:36:33 GMT
content-encoding
gzip
x-expires-ms
1630900091346
content-md5
PNa66oDUrEHeL1+9pJ6CAQ==
x-cache
TCP_HIT from a92-123-194-151.deploy.akamaitechnologies.com (AkamaiGHost/10.4.5-36931995) (-)
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-bdcdn-cache-status
TCP_HIT
x-parent-response-time
431,23.55.160.71
server-timing
cdn-cache; desc=HIT, edge; dur=268, inner; dur=0
content-length
15230
x-tos-request-id
5cd46a358f7a87e1-af54016
x-tos-response-time
Mon, 06 Sep 2021 03:48:10 GMT
last-modified
Mon, 06 Sep 2021 03:48:05 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=25881041
access-control-allow-credentials
false
x-tt-trace-host
017c418e7aba803b13e98202fffe01219379c020c61390f66daa1df131338ea9c14212e58b2e9eda76abd4bcafeb21210e7357525eefc4e9adac1d654d43e5a5456e1029ca17c7dbbe2b7910d142e621462d19ba2cde96a7deccf88458dfcb1a7f62857ca36a5d8e8358873b332286aba4047337b1839989ac8a2812623211aabf
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

x-janus-mini-api-forward
Janus-Mini(fast)
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-parent-response-time
389,2.16.186.15
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=302, inner; dur=300
content-length
187
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
server
nginx
x-tt-logid
202111101436320101901851525118D4FC
date
Wed, 10 Nov 2021 14:36:33 GMT
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
location
https://sf16-scmcdn-sg.ibytedtos.com/goofy/tiktok/falcon/embed/embed_v0.0.8.js
cache-control
no-cache
x-origin-response-time
302,23.45.233.7
x-tt-trace-host
017e7483f99ea49a3d8a50dcde6def73acf43a0a3f22d36eb321c47a7fa793e36e80964520cf99e7627b94d8ed4c90b136aba04a2938cf39bdac63012a4590f3d1dfed0b9e8935c9a0e9e55f9e35bc5b31d779271bb9ae2969c98e50b501bf7111b247888436372710ce72a890947889fc
cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
monu.delivery/site/3/d/ 		559 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
b07671290d4a8c6d277510e9d92eb6f5ba871835b85ddaf2b4c82e9e15642236

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdvIoOVsElYg1yzwUaskvZ9vzZo_LTovUGCaWI_UWsqYA3g2lKFq6pnqvpNWGwdo1cU_bTsKI7aaKJCzRSFp3jg
x-cache
MISS
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
clear
last-modified
Wed, 03 Nov 2021 16:13:43 GMT
server
nginx
vary
Accept-Encoding
x-goog-hash
crc32c=tsCcJA==, md5=IM+W7fWNBYFa5ZnyseaOEA==
x-goog-generation
1635956023288529
via
1.1 google
cache-control
max-age=7200
x-goog-stored-content-length
572232
content-type
application/javascript
expires
Wed, 10 Nov 2021 16:36:32 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-8062131-3
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
28e0748909a4ed9b5ce1ebfaa0d8ea75144418f2f30d9753bf18019e0a60ff4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36353
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Nov 2021 14:36:32 GMT
api.js
ans-wer.com/cdn-cgi/bm/cv/669835187/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ans-wer.com/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQPeril4OIAmXjDO5A0Ca7efZJ4%2F8NTvpGW%2BAIhcnXBgnm461a7ox%2BvIJTDH2uEOIQ4pINwjo6gLXuYRs63P9LYbnmSTefuPzTMIPoVbErGvJcHZtoO6YSABJC%2BYuk21PUzzyQkWqmM0"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
6ac0037fdf7f698b-FRA
menu.js
ans-wer.com/js/ 		504 B
479 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ans-wer.com/js/menu.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96461945199fa3f30ffde2007b889af6e0744665521a86b6b7230489277a3d92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Sep 2021 15:48:46 GMT
server
cloudflare
age
1177
etag
W/"1d7a8b6d61602f8-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFDd%2FschrUoIU5owNIPrleKb0SZBjcnwnm42%2B8z2IE6G%2BbFinvgNp0RzkXEngKqJ7coQFLssfnko%2BldDrb3IiDPlzZG27Lu%2FVutvFa0jluSYJh83iWfrCOQt5FImZeGFzPjGEnxwGtHN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ac0037d58b4698b-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1882706524308406
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3bdca6c8271b2b259bfe0f2361788499aefb3e8727e3daed77b3735268f39c5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Origin
https://ans-wer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51286
x-xss-protection
0
server
cafe
etag
12450122628154183254
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 10 Nov 2021 14:36:32 GMT
facebook.svg
ans-wer.com/icons/ 		612 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ans-wer.com/icons/facebook.svg
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
381c9d3b2da9fd972a861277258f01a01c451cd769f3d3e5b94d3f727a0f4463

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Sep 2021 15:48:46 GMT
server
cloudflare
age
798
etag
W/"1d7a8b6d6160164"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxYJl31tBcSxf%2FVYsDfQLmLFJZYoMKUbDjNhAIHlrDcSt8GyCr8WXevTjd4UdD%2FzBy%2FXOi227N5zbYXY%2Fn%2BPefGJWxkOds2Fd1qdQdSyrAGnjcIs5LgXSuUWYPxax%2BFtvDeHot5RpECb"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ac0037fdf82698b-FRA
twitter.svg
ans-wer.com/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ans-wer.com/icons/twitter.svg
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
472ef4cfe45e17e12eeb6a45c88127e28afa97162b86f78fc931165b9319fa43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Sep 2021 15:48:46 GMT
server
cloudflare
age
798
etag
W/"1d7a8b6d6160484"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JbC8pkkYEhfgI7Z4ZMd9mC5a7ZNLNWYbKSA5mY68eWzD%2B6YDJMdh6Go5Q9Q4lNURuePkO3ohQhf3Qc8v2ZQbicOPn8We9ggM5Qosfd1UkG%2F0LNqVvd9QL7BKZmvPW08NEkazaPVu%2BQJV"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ac0037fdf85698b-FRA
pin.svg
ans-wer.com/icons/ 		1 KB
939 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ans-wer.com/icons/pin.svg
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be35cc98fdb9c56dc6a0861f7b96e10e6cdd0260626f7dbc0405e87f46435c87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Sep 2021 15:48:46 GMT
server
cloudflare
age
797
etag
W/"1d7a8b6d616070b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYN%2B8l%2BLDGkBRmXeuIkS4fizEb9nbPBUkVlyezK8%2Bgq18Ec0PCzpNtvPhF3ZCoE0cIOvvY%2FwMfNIlVEXu%2BKOeMOSr6eHZiUpn%2BkW2HNhYlN2KE2WKw0prza%2BDW%2BhihMIiYQr%2BHs4etSO"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ac0037fdf88698b-FRA
instagram.svg
ans-wer.com/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ans-wer.com/icons/instagram.svg
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a2bbd0171da5a6b17530d605e2512315ceb23a94100a8c086e800e565a2d181

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Sep 2021 15:48:46 GMT
server
cloudflare
age
797
etag
W/"1d7a8b6d6160f62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2Bp0PX5QENpkMD5nEk3XJFEQF66c3nVbq%2B334VSPfsueP%2BjCrViRK8LoQN0%2BbjUyBO%2FnglbSnKiF2LsTpgb7LpCtgu9aO8o0Hrzc2kE%2Bkgkta6dkWSp9bzHeVItqhad59LoQ6DgpVmVf"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ac0037fdf8b698b-FRA
a73b5e0331c21a997d6c8e06c704e921061336.jpg
ans-wer.com/uploads/2021/9/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ans-wer.com/uploads/2021/9/a73b5e0331c21a997d6c8e06c704e921061336.jpg
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c75a683b9a8ef68eb677cd71490e5f5d803a1af9f7288c5c717e36555200bc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:33 GMT
cf-cache-status
MISS
last-modified
Sun, 26 Sep 2021 09:06:13 GMT
server
cloudflare
etag
"1d7b2b5c1245626"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIW6J7P%2B%2FqWcCWwKfDWFZIUsy2t1OTm1mGweaO5BGNdRe5ccx4vlNBJHXlur4ojkKT5a6ZVUIxnOkA4jlO6T%2Fc4Nf8FzJ1VcIiD51b4VYFx2a5qPMA%2FS6A858ntT9T7K3Kxd0y1aRt05"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ac0037fdf8c698b-FRA
content-length
75430
liveView.php
live.primis.tech/live/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=107852
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
f6431b400f412a751f16b20b585f678a9747f3c35688dbb935fb3bb37c02eb83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
ab12745d93c5.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Server
2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 03:51:02 GMT
x-fb-trip-id
1679558926
etag
"ab12745d93c5"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-encoding
br
content-length
4843

Redirect headers

date
Wed, 10 Nov 2021 14:36:32 GMT
x-fb-trip-id
1679558926
x-ig-origin-region
ldc
content-type
text/html; charset=utf-8
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control
max-age=21600
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
0
ans-wer.com.1153326.js
jsc.mgid.com/a/n/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/a/n/ans-wer.com.1153326.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10bd02a55cd75af38506c4609973ac7bb1a10c23e81cc2d15f22b96a9813463e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
br
cf-cache-status
HIT
age
877
last-modified
Wed, 03 Nov 2021 09:47:37 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
HWJM9BKPQTKGF2Z3
x-amz-id-2
pFC9XVmRVjNbaSCsbUkaJ0poM4EIotg9JBbTHTikjEmM+Xece1Z8oK/TdlxEPMiTXh5Dve7kgIE=
cf-bgj
minify
server
cloudflare
etag
W/"fd28d501cff6ee8fe0562bdbeaa5d95f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6ac003800d360621-FRA
expires
Wed, 10 Nov 2021 17:36:32 GMT
loadmore.js
ans-wer.com/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ans-wer.com/js/loadmore.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16f532a19ec04a8515a66b29e5067e0c6fd6e7a02ae4db66c1335a6978d18bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Sep 2021 15:48:46 GMT
server
cloudflare
age
1176
etag
W/"1d7a8b6d6161e86-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYJ%2F3H1zz%2FxerMxkzfTHE%2FctCbNMvIj1WHgGA6CjrB9uQkZJo3dRjZUO3brdEkCzju%2FmXeeDOoSTut%2FtEOLZtOvBNnIWDp%2Bg2Mr7%2F3e31Qbhl6yvCMx1S94TmBwIKanSsAtcC%2B8qJXT%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ac0037e2aa1698b-FRA
_dmca_premi_badge_4.png
images.dmca.com/Badges/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/_dmca_premi_badge_4.png?ID=d731bb50-0fe2-4b6d-8d83-880bc6e808a2
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
last-modified
Thu, 02 Jun 2011 03:26:26 GMT
server
nginx
x-powered-by
ASP.NET
etag
"0abbdbd420cc1:0"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
link
<http://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_4.png>; rel="canonical"
content-length
4535
expires
Fri, 10 Dec 2021 14:36:00 GMT
site.js
ans-wer.com/js/ 		298 B
510 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ans-wer.com/js/site.js?v=Mn9-tLeJDWIrojJ620jo0d7ZXRGJDu4WPnVo8ndj3hU
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bb6ebb72e9d87614b831e6ddb36d9a41ebfee84d5f63ae3b0788856830ce525

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Sep 2021 15:48:46 GMT
server
cloudflare
age
1176
etag
W/"1d7a8b6d616022a-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HS1gjRKAUCEyEykxnJyD6UKKvqVymWIeAY6Imq43b3afyibtJCZeKcjRtbAyupYe6dNCaRM%2BCF5EtJDyapVYPJytA6n2EU%2BUOhG%2FV5OwD%2F2JbgqNfPIHU0YGaLThsb7LSA4icaiFaXq5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ac0037e5b24698b-FRA
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin
https://ans-wer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
423615
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
78196
timing-allow-origin
*
last-modified
Tue, 16 Mar 2021 19:29:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60510736-13174"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVZgT7Y1M5mWE0u7E%2BgdaEQwNm6%2BMkoMyvOGXuOi8sjOny2Px34J9ea%2Bpe4TGQuLXcGHorCyLLKxs%2FSlQZ%2Bh9F0LpIEijywOBy0BKJ2XTWeDYe3IVSCOdTNy1W5%2BUgQLeLsbfwe07L86SVrMERoaHZPu"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ac0037fda044ab5-FRA
expires
Mon, 31 Oct 2022 14:36:32 GMT
liveView.php
live.primis.tech/live/ Frame C34F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=107852&cbuster=1636554992&pubUrlAuto=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=107852
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
c63f8a136da56954c25e02512365312d470c4b15fcb5ba03a16d676da09c8412

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
T1NeHRuPpoM
www.youtube.com/embed/ Frame FEFF 		59 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/T1NeHRuPpoM
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7107efb19bbe16cc35f7caa9e431090f291331128dd276ccf3ffbf10887cd03c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 10 Nov 2021 14:36:32 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.instagram.com/accounts/login/ Frame 58E1
Redirect Chain
  • https://www.instagram.com/p/CT2yL-Voq6a/embed/captioned/?cr=1&v=13&wp=540&rd=https%3A%2F%2Fans-wer.com&rp=%2Farazou-baker-cinderella-role-and-instagram
  • https://www.instagram.com/accounts/login/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/accounts/login/
Requested by
Host: platform.instagram.com
URL: https://platform.instagram.com/en_US/embeds.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

content-type
application/json; charset=utf-8
ig-set-password-encryption-web-key-id
87
ig-set-password-encryption-web-pub-key
8dd9aad29d9a614c338cff479f850d3ec57c525c33b3f702ab65e9e057fc087e
ig-set-password-encryption-web-key-version
9
last-modified
Wed, 10 Nov 2021 14:36:33 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
cache-control
private, no-cache, no-store, must-revalidate
vary
Accept-Language, Cookie
content-language
de
date
Wed, 10 Nov 2021 14:36:33 GMT
strict-transport-security
max-age=31536000
pragma
no-cache
x-frame-options
SAMEORIGIN
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
x-content-type-options
nosniff
x-xss-protection
0
x-ig-push-state
c2
x-aed
48
access-control-expose-headers
X-IG-Set-WWW-Claim
content-length
130
x-ig-origin-region
ldc
x-fb-trip-id
1679558926
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600

Redirect headers

content-type
text/html; charset=utf-8
location
https://www.instagram.com/accounts/login/
vary
Accept-Language, Cookie
content-language
de
date
Wed, 10 Nov 2021 14:36:32 GMT
strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
x-content-type-options
nosniff
x-xss-protection
0
x-ig-push-state
c2
x-aed
48
access-control-expose-headers
X-IG-Set-WWW-Claim
content-length
0
x-ig-origin-region
ldc
x-fb-trip-id
1679558926
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/ 		267 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1882706524308406&plah=ans-wer.com&bust=31063682
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1882706524308406
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f18dfd43166392d53482502d316b91e27215abe16343b0dbc17110becf467d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98309
x-xss-protection
0
server
cafe
etag
7939618294436661980
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 10 Nov 2021 14:36:32 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211108/r20190131/ Frame 23A5 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211108/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1882706524308406
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b84d38d0eab1b3f6cf6491ab4bb7ec35341f6664c10465a617bcfa7f69b6a74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 10 Nov 2021 00:54:40 GMT
expires
Wed, 24 Nov 2021 00:54:40 GMT
content-type
text/html; charset=UTF-8
etag
4704609575283140419
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4891
x-xss-protection
0
age
49312
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-8062131-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2158
date
Wed, 10 Nov 2021 14:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 10 Nov 2021 16:00:34 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-206380970-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-8062131-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3eec90156131c1b4ef128d2a4648a072f97bc0d38833cf90447d1169657586c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36325
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Nov 2021 14:36:32 GMT
js
www.googletagmanager.com/gtag/ 		163 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RTJ3RJN3F8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-8062131-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
662a293d25ed55f5cf0ecd4bd3cd46f1885692454fa9beba9575efe9f6890645
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61706
x-xss-protection
0
expires
Wed, 10 Nov 2021 14:36:32 GMT
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame C34F 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=107852&cbuster=1636554992&pubUrlAuto=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
etag
W/"5e441350-4be0"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 10 Nov 2022 14:36:32 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame C34F 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=107852&cbuster=1636554992&pubUrlAuto=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-228f"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 10 Nov 2022 14:36:32 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame C34F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=107852&cbuster=1636554992&pubUrlAuto=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-1ef8"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 10 Nov 2022 14:36:32 GMT
hls.0.12.4_2.min.js
live.primis.tech/content/video/hls/ Frame C34F 		256 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=107852&cbuster=1636554992&pubUrlAuto=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 08:36:05 GMT
server
nginx
etag
W/"5f34fb75-3ff27"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 10 Nov 2022 14:36:32 GMT
prebidVid.5.18.0_2.min.js
live.primis.tech/content/prebid/ Frame C34F 		482 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.5.18.0_2.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=107852&cbuster=1636554992&pubUrlAuto=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
f436d7ccb58e150e6cabdc18fed5a45fe1d7835adc4a9e15399f84cdb9e41430

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 09:24:05 GMT
server
nginx
etag
W/"618103b5-78922"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 10 Nov 2022 14:36:32 GMT
liveVideo.php
live.primis.tech/live/ Frame C34F 		638 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D31305F31367D7B7331363539303336347D7B4335377D7B535957357A4C58646C6369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593431307D7B66317D7B4C31303238377DFEFE&userIpAddr=168.119.25.197&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=618bd8f0b4cd9&debugInfo=16590364_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16590364&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed26f0ynupihso&secondaryContent=&x=600&y=410&pubUrl=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=10287&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=107852&cbuster=1636554992&pubUrlAuto=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
1c29691d042590baadc76a7601ea3fae4c30a83f626465ded7772c832a447dd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
ans-wer.com.1153326.es6.js
jsc.mgid.com/a/n/ 		238 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/a/n/ans-wer.com.1153326.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/a/n/ans-wer.com.1153326.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d20f1366838d429ef9cb00af5839152745e9f557a1e7ab215d68de92e49851ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
br
cf-cache-status
HIT
age
2329
last-modified
Wed, 03 Nov 2021 20:02:07 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
VS6HADXC2X5VC6G3
x-amz-id-2
OVWKTDZCoEgCY6az4W9DPD8hHUJ2yUMOJvAksgPAhzT+m9PgmKc8ShJ+O01Civ4JTjOR2NV+Efw=
cf-bgj
minify
server
cloudflare
etag
W/"c6a36bceda50c0ff45ede8037c417d6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6ac00381a9030621-FRA
expires
Wed, 10 Nov 2021 17:36:32 GMT
ats.js
ats.rlcdn.com/ 		185 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-36.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cceefd476057bb3f36703d027ec405887d25d05311d491b9a203d4c60a2d75fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
sCfIJpeEYSsr1Erp9JPQ5XALijjlTltt
content-encoding
br
etag
W/"a8f24de78b4dc3ecbbff83b08aa9e411"
age
44440
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6a2bb6c4-0bf5-4773-8a36-cefcec4742e6
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
014263e4dda4020061af64b081a8e627
last-modified
Fri, 05 Nov 2021 09:22:31 GMT
server
AmazonS3
date
Wed, 10 Nov 2021 09:22:36 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
4ad1795a3ae6c6b7b8c516c7d218d3ef7f69c9d8f4459e5652ddcd4b5ef110bd
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
content-type
application/x-javascript
x-amz-cf-id
s8HEjOh7PAC_3_isxCyf9dRjjbB92-9RMvXyC6rDKP1__OaPjvYrGw==
config.js
confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/ 		384 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
204ee90690366972602a38053bdc02427f6153b11ff72ce04eb086e8e93d6166

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:32 GMT
Content-Encoding
gzip
Age
1646
X-Cache
HIT
Connection
keep-alive
Content-Length
65764
x-amz-id-2
o+BvrNBA1zEmCwlH4EwrrscG3X7At/cgWLL2nL5k2HLPwjf45mzVBf+9Wc4u8O07/wgk+AqeyY0=
X-Served-By
cache-fra19158-FRA
Last-Modified
Wed, 10 Nov 2021 13:11:21 GMT
Server
AmazonS3
X-Timer
S1636554993.974561,VS0,VE0
ETag
"dd8341a2e56ed9fb8c9e9b404e2ceaed"
x-amz-request-id
5ZCE2TTAFC12WB5Y
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
38
tag.min.js
get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-128.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c08815f5e74c5477b25c5303f3b512b5c04ccf403e41e319c29cb5243fce5f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 19:16:23 GMT
content-encoding
gzip
last-modified
Thu, 23 Sep 2021 19:32:23 GMT
server
AmazonS3
age
69610
etag
W/"4c3e8f251a140b2e06634712ba322640"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
HGYL.siFb.HLK8NXg9tyIeM1N2pdl_47
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C2
content-type
text/javascript
x-amz-cf-id
cr5KezhVW-7A2Vao4ma7l70JGubBK6Q-dxfPJZxVjQR19fYG62KkPA==
xdomain_cookie.min.js
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdvUIkZDCmnmMHJ14itow8Yra1dH8rQRflclRA2FQG_m5JwdaHBx_TIIAnv5-oNFRa3M40earvKrCbDOuAE2MAX4qc9uHw
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
last-modified
Tue, 25 Aug 2020 07:36:03 GMT
server
nginx
vary
Accept-Encoding
x-goog-hash
crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
x-goog-generation
1598340963244234
via
1.1 google
cache-control
max-age=31104000, public
x-goog-stored-content-length
4733
content-type
application/javascript
expires
Sat, 05 Nov 2022 14:36:32 GMT
services.js
js.gumgum.com/ 		100 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gumgum.com/services.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-105.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8ab7ae9e9ccf94258b9243409edf9356ec6a80a3a44cf664a24e8517861af91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
uaQCCYk3AuiL3fz3.b_BWy8rEFdVxI8P
content-encoding
gzip
x-amz-meta-timing-allow-origin
*
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
W/"d2d6a8fccebd3f1a5411b38cdbcb870e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
cache-control
max-age=31536000
date
Wed, 10 Nov 2021 14:36:34 GMT
last-modified
Thu, 04 Nov 2021 15:39:19 GMT
x-amz-meta-access-control-allow-origin
*
x-amz-cf-id
h711WmwSnMxZN3egYdwf7cHKK_k6GLYfgG6fnvmYxxk6J4iz6I_KRg==
apstag.js
c.amazon-adsystem.com/aax2/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
Z0IamK7Uj8Cug.ddab3Iex9UsiUM6RCO
content-encoding
gzip
etag
fc2e1be4d234471752ea2ebee7e63d1e
age
82
x-cache
Hit from cloudfront
server
Server
x-amz-rid
19Y2F6CN599HAP4A7MNH
date
Wed, 10 Nov 2021 14:35:10 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Vky6OOo5N20ZB0tv2HJfwAQg1cai2FNeOrVJJf4p3XEXnTpZ4UrI-A==
182762-63174106385307.js
js-sec.indexww.com/ht/p/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 14:05:52 GMT
Server
Apache
ETag
"761281-930a-5d06fb951a6b7"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1839
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12788
Expires
Wed, 10 Nov 2021 15:07:11 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
0c898649900411436af02a2a0a7ff8f6ecca71e990351ab5c5c1a996dadeb754
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1039 / 280 of 1000 / last-modified: 1636545917"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27099
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 10 Nov 2021 14:36:32 GMT
widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html
platform.twitter.com/widgets/ Frame 68E5 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fans-wer.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
29562
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 10 Nov 2021 14:36:32 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 18 Oct 2021 18:32:00 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6725)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
www-player-webp.css
www.youtube.com/s/player/ea6a4ba6/ Frame FEFF 		335 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ea6a4ba6/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/T1NeHRuPpoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9d576d438939810fb8f8fd4382847a394ba105a257845a4c743a49caae67b75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/T1NeHRuPpoM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 05:51:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
31491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47115
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 10 Nov 2022 05:51:41 GMT
www-embed-player.js
www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/ Frame FEFF 		209 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/T1NeHRuPpoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5173c915b9b6e2c3b24ed89502eed57341952fe69393fc2128895bcfedaae6de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/T1NeHRuPpoM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 13:12:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
5057
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70045
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 10 Nov 2022 13:12:15 GMT
base.js
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame FEFF 		2 MB
516 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/T1NeHRuPpoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9e569723967da4463ede5ac2b1ae8390e0ece8fb058e39a793daade6eceb622
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/T1NeHRuPpoM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:36:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
169176
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
527841
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Nov 2022 15:36:56 GMT
fetch-polyfill.js
www.youtube.com/s/player/ea6a4ba6/fetch-polyfill.vflset/ Frame FEFF 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ea6a4ba6/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/T1NeHRuPpoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/T1NeHRuPpoM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:36:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
169176
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Nov 2022 15:36:56 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FEFF 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/T1NeHRuPpoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 06:41:55 GMT
x-content-type-options
nosniff
age
546877
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 04 Nov 2022 06:41:55 GMT
cookie.js
partner.googleadservices.com/gampad/ 		201 B
437 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ans-wer.com&callback=_gfp_s_&client=ca-pub-1882706524308406
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1882706524308406&plah=ans-wer.com&bust=31063682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
85eee997eabc3e76a85151e4ab457c3e2e1e8969e292a5a0c9ca44b4df33d6ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ans-wer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1882706524308406&plah=ans-wer.com&bust=31063682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ans-wer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1882706524308406&plah=ans-wer.com&bust=31063682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8D77 		0
179 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&adk=1812271804&adf=3025194257&lmt=1636554992&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992432&bpp=4&bdt=634&idt=144&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5656659755628&frm=20&pv=2&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=197
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1882706524308406&plah=ans-wer.com&bust=31063682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 10 Nov 2021 14:36:33 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 10 Nov 2021 14:36:33 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 0C3C 		87 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=2335273045&adk=2182005794&adf=3003258557&pi=t.ma~as.2335273045&w=1110&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992436&bpp=3&bdt=639&idt=293&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=390&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XeuuVj2bPb&p=https%3A//ans-wer.com&dtd=298
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1882706524308406&plah=ans-wer.com&bust=31063682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ceb8d0a656deb2043d475d58f5d37b9c5d9d8f819923e66951cb2ace64dc6e7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 10 Nov 2021 14:36:33 GMT
server
cafe
content-length
31738
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 10 Nov 2021 14:36:33 GMT
cache-control
private
collect
www.google-analytics.com/j/ 		1 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1840542720&t=pageview&_s=1&dl=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ul=en-us&de=UTF-8&dt=Who%20is%20Arazou%20Baker%20From%20Cinderella%3F%20Meet%20her%20Family%20Boyfriend%20%26%20Instagram.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1294925168&gjid=294196053&cid=957726249.1636554993&tid=UA-8062131-3&_gid=1951610078.1636554993&_r=1&gtm=2oub80&z=1494574369
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1840542720&t=pageview&_s=1&dl=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ul=en-us&de=UTF-8&dt=Who%20is%20Arazou%20Baker%20From%20Cinderella%3F%20Meet%20her%20Family%20Boyfriend%20%26%20Instagram.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAUABAAAAAC~&jid=1478432977&gjid=329650710&cid=957726249.1636554993&tid=UA-206380970-1&_gid=1951610078.1636554993&_r=1&gtm=2oub80&z=1732974138
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-RTJ3RJN3F8&gtm=2oeb80&_p=1840542720&sr=1600x1200&ul=en-us&cid=957726249.1636554993&_s=1&dl=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&dt=Who%20is%20Arazou%20Baker%20From%20Cinderella%3F%20Meet%20her%20Family%20Boyfriend%20%26%20Instagram.&sid=1636554992&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RTJ3RJN3F8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame BC33 		137 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=9858539845&adk=2589358256&adf=2987917308&pi=t.ma~as.9858539845&w=730&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992439&bpp=1&bdt=641&idt=413&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=405&ady=1394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JbakzaTjtN&p=https%3A//ans-wer.com&dtd=416
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1882706524308406&plah=ans-wer.com&bust=31063682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3863ce7b63943da8e7ad386ca5bbd124bc88456871c6e941854c2cd63e40ebed
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLGpnriCjvQCFQFkFQgdTQwBvA&gqi=8diLYZeqEJqMtgeJ563gDA&layout=/sadbundle/%24csp%253Der3%24/14120992840229899163/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLGpnriCjvQCFQFkFQgdTQwBvA&gqi=8diLYZeqEJqMtgeJ563gDA&layout=/sadbundle/%24csp%253Der3%24/14120992840229899163/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 10 Nov 2021 14:36:33 GMT
server
cafe
content-length
46262
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 10 Nov 2021 14:36:33 GMT
cache-control
private
result
ans-wer.com/cdn-cgi/bm/cv/ 		0
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ans-wer.com/cdn-cgi/bm/cv/result?req_id=6ac00379afcc698b
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/cdn-cgi/bm/cv/669835187/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Nov 2021 14:36:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ac00383f923698b-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2MlnReS0DsBCbaAPHw1e16GLkvNGg%2F9ZzugeEWDhiHzB%2BL2xYyTjJhYZp6FjqTY1DnzYrL8Ys6yMNSXgtOnESKQif5xgSQQFv8ypyStcOJXubdNeAWTd973rcgZv5ULV0zHfOYrJjQiU"}],"group":"cf-nel","max_age":604800}
primisslate.css
live.primis.tech/content/video/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D31305F31367D7B7331363539303336347D7B4335377D7B535957357A4C58646C6369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593431307D7B66317D7B4C31303238377DFEFE&userIpAddr=168.119.25.197&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=618bd8f0b4cd9&debugInfo=16590364_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16590364&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed26f0ynupihso&secondaryContent=&x=600&y=410&pubUrl=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=10287&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:33 GMT
content-encoding
gzip
last-modified
Tue, 18 Aug 2020 10:07:25 GMT
server
nginx
etag
W/"5f3ba85d-45c8"
content-type
text/css
apstag.js
c.amazon-adsystem.com/aax2/ Frame C34F 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D31305F31367D7B7331363539303336347D7B4335377D7B535957357A4C58646C6369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593431307D7B66317D7B4C31303238377DFEFE&userIpAddr=168.119.25.197&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=618bd8f0b4cd9&debugInfo=16590364_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16590364&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed26f0ynupihso&secondaryContent=&x=600&y=410&pubUrl=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=10287&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
Z0IamK7Uj8Cug.ddab3Iex9UsiUM6RCO
content-encoding
gzip
etag
fc2e1be4d234471752ea2ebee7e63d1e
age
83
x-cache
Hit from cloudfront
server
Server
x-amz-rid
19Y2F6CN599HAP4A7MNH
date
Wed, 10 Nov 2021 14:35:10 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Ft7z-Sxznuzj-YrG5IMwW8e0aJneCwIRVBOJKpt8CrBM4qStSgkccw==
css
fonts.googleapis.com/ Frame 9582 		2 KB
1013 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 14:23:47 GMT
server
ESF
date
Wed, 10 Nov 2021 14:36:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Nov 2021 14:36:33 GMT
css
fonts.googleapis.com/ 		2 KB
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D31305F31367D7B7331363539303336347D7B4335377D7B535957357A4C58646C6369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593431307D7B66317D7B4C31303238377DFEFE&userIpAddr=168.119.25.197&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=618bd8f0b4cd9&debugInfo=16590364_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16590364&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed26f0ynupihso&secondaryContent=&x=600&y=410&pubUrl=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=10287&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 14:26:42 GMT
server
ESF
date
Wed, 10 Nov 2021 14:36:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Nov 2021 14:36:33 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3A75 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D618bd8f0b4cd9%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D31305F31367D7B7331363539303336347D7B4335377D7B535957357A4C58646C6369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593431307D7B66317D7B4C31303238377DFEFE&userIpAddr=168.119.25.197&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=618bd8f0b4cd9&debugInfo=16590364_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16590364&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed26f0ynupihso&secondaryContent=&x=600&y=410&pubUrl=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=10287&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=46002
expires
Thu, 11 Nov 2021 03:23:15 GMT
date
Wed, 10 Nov 2021 14:36:33 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame DA74
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=primis&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D31305F31367D7B7331363539303336347D7B4335377D7B535957357A4C58646C6369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593431307D7B66317D7B4C31303238377DFEFE&userIpAddr=168.119.25.197&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=618bd8f0b4cd9&debugInfo=16590364_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16590364&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed26f0ynupihso&secondaryContent=&x=600&y=410&pubUrl=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=10287&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Nov 2021 14:36:33 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
Date
Wed, 10 Nov 2021 14:36:33 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
liveCS.php
live.primis.tech/live/ Frame 6A27
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D618bd8f0b4cd9%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D618bd8f0b4cd9%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=618bd8f0b4cd9&pixel=&advId=94&advUuid=99e42651-4233-11ec-9c19-197e22df0506
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=618bd8f0b4cd9&pixel=&advId=94&advUuid=99e42651-4233-11ec-9c19-197e22df0506
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D31305F31367D7B7331363539303336347D7B4335377D7B535957357A4C58646C6369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593431307D7B66317D7B4C31303238377DFEFE&userIpAddr=168.119.25.197&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=618bd8f0b4cd9&debugInfo=16590364_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16590364&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed26f0ynupihso&secondaryContent=&x=600&y=410&pubUrl=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=10287&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

server
nginx
date
Wed, 10 Nov 2021 14:36:33 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 10 Nov 2021 14:36:33 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=618bd8f0b4cd9&pixel=&advId=94&advUuid=99e42651-4233-11ec-9c19-197e22df0506
X-fe
130
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
liveCS.php
live.primis.tech/live/ Frame BD12
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D618bd8f0b4cd9%26pixel%3D%26advId%3D98%26advU...
  • https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D618bd8f0b4cd9%26pixel%3D%26advId%3D98%2...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=618bd8f0b4cd9&pixel=&advId=98&advUuid=a2b1c853-5b35-496e-9674-e942dd3424d4
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=618bd8f0b4cd9&pixel=&advId=98&advUuid=a2b1c853-5b35-496e-9674-e942dd3424d4
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D31305F31367D7B7331363539303336347D7B4335377D7B535957357A4C58646C6369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593431307D7B66317D7B4C31303238377DFEFE&userIpAddr=168.119.25.197&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=618bd8f0b4cd9&debugInfo=16590364_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16590364&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed26f0ynupihso&secondaryContent=&x=600&y=410&pubUrl=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=10287&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

server
nginx
date
Wed, 10 Nov 2021 14:36:33 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=618bd8f0b4cd9&pixel=&advId=98&advUuid=a2b1c853-5b35-496e-9674-e942dd3424d4
date
Wed, 10 Nov 2021 14:36:33 GMT
content-type
text/html
content-length
0
content-encoding
gzip
via
1.1 google
alt-svc
clear
sync.html
s.console.adtarget.com.tr/ Frame 2265 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D31305F31367D7B7331363539303336347D7B4335377D7B535957357A4C58646C6369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593431307D7B66317D7B4C31303238377DFEFE&userIpAddr=168.119.25.197&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=618bd8f0b4cd9&debugInfo=16590364_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16590364&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed26f0ynupihso&secondaryContent=&x=600&y=410&pubUrl=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=10287&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
43b348d194f4e2c50da38d2a5e596635df86baee4de5839d73d19aa6285dbd4f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

Server
VertaMedia 1.0
Date
Wed, 10 Nov 2021 14:36:33 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
853
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
liveView.php
live.primis.tech/live/ Frame C34F 		115 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhNvUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlNDI3MSUlRaZcZGViMTUkMTt4Mmt2MlUlRaZcZDYkMTM5MDMmM2QjZTp5MDE4NmUjODYhoXA0JaZcZF9wo250ZW50X2yxPTE3MmY0MmQzqzyxX2NioaRyoaRsZGVmYm1SYXZyovVFMvU4MCU5OXMeUUIeTGFgYXIeSzFwn3NiovgTqGyfoCgOo3QeU29fZCgiovgWYWNwnW5yJTJDK0Ryp3BcqGUeVHqiK0JiqXRmK1qcqGteQ09WSUQgMTxzqzyxX2NioaRyoaRsqGy0oGU9UzF2ZW4yRTIyODAyOTymK1FCK0kuoWFlK0cuY2gmo24eU3RcoGjeTz90K1NioGQeo24eVzFwY2yhZSUlQlgEZXNjnXRyK1R3olgCo3V0plgXnXRbK0NPVxyELTE5JaZcZF9wo250ZW50X2R1pzF0nW9hPTt4JzRyYaVaSW5zo3JgYXRco249Jat9NTt2Jax9MmMjJaB1YyVloD1bqHRjplUmQSUlRvUlRzFhpl13ZXIhY29gJTJGYXJurz91LWJun2VlLWNcozRypzVfoGEgpz9fZS1uozQgnW5mqGFapzFgJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmElRDMkMmElRDMkMmA1RwMkMmY3RDqCNmMmMTM2MmUmOTMjMmMmNwM0N0Q3QwQmMmUmNmqEN0I1MmU5NTpmNTqBNEM1ODY0NxM2MmY5MmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmMDqEN0I1OTM0MmEmMDqEN0I2NwMkN0Q3QwRDMmEmMDMlMmtmNmqERxVGRSZcp0FjpD0jJzqyo0kuqGx9NTEhMwx5MlZaZW9Mo25aPTxhNDxkJaVmZXJJpEFxZHI9MTY4LwEkOS4lNS4kOTpzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx1LwAhNDYmOC41NCgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9JzNmqXVcZD02MTuvZDuzMGI0Y2Q5JzNvqXN0ZXI9MTYmNwU1NDx5Mwx2MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D31305F31367D7B7331363539303336347D7B4335377D7B535957357A4C58646C6369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593431307D7B66317D7B4C31303238377DFEFE&userIpAddr=168.119.25.197&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=618bd8f0b4cd9&debugInfo=16590364_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16590364&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed26f0ynupihso&secondaryContent=&x=600&y=410&pubUrl=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=10287&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5ad0769fdf3dfe9cb0d5a6be51c17a90be6de81a087f207711331ba4cdac0615

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:33 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://ans-wer.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
10205
liveView.php
live.primis.tech/live/ Frame C34F 		115 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhNvUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlNDI3MSUlRaZcZGViMTUkMTt4Mmt2MlUlRaZcZDYkMTM5MDMmM2QjZTp5MDE4NmUjODYhoXA0JaZcZF9wo250ZW50X2yxPTE3MmY0MmQzqzyxX2NioaRyoaRsZGVmYm1SYXZyovVFMvU4MCU5OXMeUUIeTGFgYXIeSzFwn3NiovgTqGyfoCgOo3QeU29fZCgiovgWYWNwnW5yJTJDK0Ryp3BcqGUeVHqiK0JiqXRmK1qcqGteQ09WSUQgMTxzqzyxX2NioaRyoaRsqGy0oGU9UzF2ZW4yRTIyODAyOTymK1FCK0kuoWFlK0cuY2gmo24eU3RcoGjeTz90K1NioGQeo24eVzFwY2yhZSUlQlgEZXNjnXRyK1R3olgCo3V0plgXnXRbK0NPVxyELTE5JaZcZF9wo250ZW50X2R1pzF0nW9hPTt4JzRyYaVaSW5zo3JgYXRco249Jat9NDAjJax9MwI1JaB1YyVloD1bqHRjplUmQSUlRvUlRzFhpl13ZXIhY29gJTJGYXJurz91LWJun2VlLWNcozRypzVfoGEgpz9fZS1uozQgnW5mqGFapzFgJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmElRDMkMmElRDMkMmA1RwMkMmY3RDqCNmMmMTM2MmUmOTMjMmMmNwM0N0Q3QwQmMmUmNmqEN0I1MmU5NTpmNTqBNEM1ODY0NxM2MmY5MmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmMDqEN0I1OTM0MmEmMDqEN0I2NwMkN0Q3QwRDMmEmMDMlMmtmNmqERxVGRSZcp0FjpD0jJzqyo0kuqGx9NTEhMwx5MlZaZW9Mo25aPTxhNDxkJaVmZXJJpEFxZHI9MTY4LwEkOS4lNS4kOTpzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx1LwAhNDYmOC41NCgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9JzNmqXVcZD02MTuvZDuzMGI0Y2Q5JzNvqXN0ZXI9MTYmNwU1NDx5Mwx2MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D31305F31367D7B7331363539303336347D7B4335377D7B535957357A4C58646C6369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593431307D7B66317D7B4C31303238377DFEFE&userIpAddr=168.119.25.197&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=618bd8f0b4cd9&debugInfo=16590364_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16590364&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed26f0ynupihso&secondaryContent=&x=600&y=410&pubUrl=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=10287&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5a3e8f17ce916ea524240c35473c599c76ee3c75f988f0c3920fc0e3557cb70f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:32 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://ans-wer.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
10210
liveView.php
live.primis.tech/live/ Frame C34F 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhNvUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlNDI3MSUlRaZcZGViMTUkMTt4Mmt2MlUlRaZcZDYkMTM5MDMmM2QjZTp5MDE4NmUjODYhoXA0JaZcZF9wo250ZW50X2yxPTE3MmY0MmQzqzyxX2NioaRyoaRsZGVmYm1SYXZyovVFMvU4MCU5OXMeUUIeTGFgYXIeSzFwn3NiovgTqGyfoCgOo3QeU29fZCgiovgWYWNwnW5yJTJDK0Ryp3BcqGUeVHqiK0JiqXRmK1qcqGteQ09WSUQgMTxzqzyxX2NioaRyoaRsqGy0oGU9UzF2ZW4yRTIyODAyOTymK1FCK0kuoWFlK0cuY2gmo24eU3RcoGjeTz90K1NioGQeo24eVzFwY2yhZSUlQlgEZXNjnXRyK1R3olgCo3V0plgXnXRbK0NPVxyELTE5JaZcZF9wo250ZW50X2R1pzF0nW9hPTt4JzRyYaVaSW5zo3JgYXRco249Jat9NTt2Jax9MmMjJaB1YyVloD1bqHRjplUmQSUlRvUlRzFhpl13ZXIhY29gJTJGYXJurz91LWJun2VlLWNcozRypzVfoGEgpz9fZS1uozQgnW5mqGFapzFgJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmElRDMkMmElRDMkMmA1RwMkMmY3RDqCNmMmMTM2MmUmOTMjMmMmNwM0N0Q3QwQmMmUmNmqEN0I1MmU5NTpmNTqBNEM1ODY0NxM2MmY5MmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmMDqEN0I1OTM0MmEmMDqEN0I2NwMkN0Q3QwRDMmEmMDMlMmtmNmqERxVGRSZcp0FjpD0jJzqyo0kuqGx9NTEhMwx5MlZaZW9Mo25aPTxhNDxkJaVmZXJJpEFxZHI9MTY4LwEkOS4lNS4kOTpzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx1LwAhNDYmOC41NCgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9JzNmqXVcZD02MTuvZDuzMGI0Y2Q5JzNvqXN0ZXI9MTYmNwU1NDx5Mwx2NCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D31305F31367D7B7331363539303336347D7B4335377D7B535957357A4C58646C6369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593431307D7B66317D7B4C31303238377DFEFE&userIpAddr=168.119.25.197&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=618bd8f0b4cd9&debugInfo=16590364_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16590364&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed26f0ynupihso&secondaryContent=&x=600&y=410&pubUrl=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=10287&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e6a0f995b557fd47381955b02f864af522057a49296da6d823a8278aa1b349b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:33 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://ans-wer.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
3316
chunklist_480.m3u8
video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883863/vid611390333d0e7901875086.mp4/ 		608 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883863/vid611390333d0e7901875086.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.237.97.240 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
680bc163eaa619b106383a01ef4813a1cd43c1df2b980e487f307e74b25e720e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:33 GMT
via
1.1 b2ba6cf796f082846903366b38012b57.cloudfront.net (CloudFront)
x-amz-cf-pop
OTP50-C1
content-length
608
last-modified
Wed, 18 Aug 2021 04:09:11 GMT
server
Tengine
etag
"c1476793d33c6f235f8fea71da6f86b8"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
GQJIRaK2kI9mwh9DsKG6h1kDUznhFffXzAwThr-Ub2SWA8c0mS9_cw==
expires
Wed, 24 Nov 2021 14:36:33 GMT
vid611390333d0e7901875086_thumb.jpg
video.primis.tech/uploads/cn6/video/users/converted/24271/video1511883863/ Frame 9582 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn6/video/users/converted/24271/video1511883863/vid611390333d0e7901875086_thumb.jpg?cbuster=1628672055
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.237.97.240 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
c357ae9f7968af67e3332efd5a08f9f4091563809fcb12c317682e959444e72e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:33 GMT
via
1.1 3f1b64a58ba4608df13914ee37f85214.cloudfront.net (CloudFront)
last-modified
Tue, 17 Aug 2021 17:59:20 GMT
server
Tengine
x-amz-cf-pop
OTP50-C1
etag
"26274f0ad9bc958ab21805c9f9c22635"
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 24 Nov 2021 14:36:33 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2406
x-amz-cf-id
0uDIaQaeR4Sc-O0adURb3GDR8s2trJXOGMzzfd6MaqvVFlLuJ9gkfw==
x-proxy-cache
HIT
vid60dc24ebda533519166541_thumb.jpg
video.primis.tech/uploads/cn14/video/users/converted/24271/video1511884110/ Frame 9582 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn14/video/users/converted/24271/video1511884110/vid60dc24ebda533519166541_thumb.jpg?cbuster=1625040112
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.237.97.240 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
0da48fb19c2d51ae4205e4b37f314c874cc635c714ca789603a9dfe3b17b2880

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:33 GMT
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
last-modified
Wed, 18 Aug 2021 17:27:54 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"b883725ad6f2f4d547435a86c864c32b"
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 24 Nov 2021 14:36:33 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2421
x-amz-cf-id
SgqzLvGTgZTT3jPPwFZ826e1UawTiXfvEs0-AKlDLpYZIEetsiak-A==
x-proxy-cache
HIT
vid618a9fb5e209b417140337_thumb.jpg
video.primis.tech/uploads/cn21/video/users/converted/24271/video1511884217/ Frame 9582 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn21/video/users/converted/24271/video1511884217/vid618a9fb5e209b417140337_thumb.jpg?cbuster=1636474809
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.237.97.240 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
0882421edaa28956436cd5c13d6779becf72d3d87105f3848e54935fa6745b81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:33 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 16:21:11 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"15cfec9d00ccbe8d36db26052d522138"
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 24 Nov 2021 14:36:33 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
3254
x-amz-cf-id
MP9u7q_j_IHPPZbEMQIDZniqmi11MLL8PvQSnVajFBxiMrQw1ll3lA==
x-proxy-cache
HIT
vid610bc30185ddb392290867_thumb.jpg
video.primis.tech/uploads/cn25/video/users/converted/24271/video1511884110/ Frame 9582 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn25/video/users/converted/24271/video1511884110/vid610bc30185ddb392290867_thumb.jpg?cbuster=1628160774
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.237.97.240 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
7cc6c10e1cd170a872f2e80ebd9d872eb8dd25447069cecd51c64fd7e6ff5629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:33 GMT
via
1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified
Tue, 17 Aug 2021 18:03:43 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"bea5fd37fc80a631b1645a46f3eebeba"
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 24 Nov 2021 14:36:33 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2905
x-amz-cf-id
5mbT5XpxDeVk0wtDCzauXO4fUTKHzaop2JjifYs-yMU5DnL8qtvDCA==
x-proxy-cache
HIT
vid618a9fbbcb74c888912041_thumb.jpg
video.primis.tech/uploads/cn21/video/users/converted/24271/video1511884217/ Frame 9582 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn21/video/users/converted/24271/video1511884217/vid618a9fbbcb74c888912041_thumb.jpg?cbuster=1636474815
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.237.97.240 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
01d7cce94e8ce1ab40dfa61db907972c06062636a673e301c977eb37b016d909

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:33 GMT
via
1.1 73ddc03007b7d1c65eed954281e70b40.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 16:21:25 GMT
server
Tengine
x-amz-cf-pop
OTP50-C1
etag
"0b4a496115f3d532d37b2f590c111b6d"
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 24 Nov 2021 14:36:33 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2422
x-amz-cf-id
73zt1VtcjeKKR5rLYUdjkBmeMv7t6fHfFSN3jBiKZ4MOG8UE2iiSIA==
x-proxy-cache
HIT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTYmNwU1NDx5MvZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA3ODUlJaN0YT0jJat9NwAjJax9NDEjJaZcZF9jYXNmRG9gYWyhPWFhpl13ZXIhY29gJaN1YxyxPWFhpl13ZXIhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMTJEMmEmMTJEMmEmMDVGMmEmNwqEN0I3MmMkMmYmNTM5MmAmMmM2MmQ3RDqCNDMmNTM3N0Q3QwUmNTx1NmM1N0E0QmU4NwQ2QmYmNwxmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmMDMjN0Q3QwU5MmQmMTMjN0Q3QwY2MmE3RDqCNEMmMTMjMmImODM3N0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTE2OC4kMTxhMwUhMTx3JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwx1LwAhNDYmOC41NCUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwE4YzQ4ZwBvNGNxOSZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwM2NTU0OTxlOTUkJaVcZD1TZWgcozRiU1BfYXyypwYkOGJxOGYjZTVzMmUzpHVvVXJfPWu0qHBmJTNBJTJGJTJGYW5mLXqypv5wo20yMxZupzF6o3UgYzFeZXIgY2yhZGVlZWkfYS1lo2kyLWFhZC1coaN0YWqlYW0zZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:33 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
sync
x.bidswitch.net/ Frame C34F 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&user_id=618bd8f0b4cd9&custom_data=618bd8f0b4cd9;live.primis.tech&gdpr=1&gdpr_consent=
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.90.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-90-196.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame C34F
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D618bd8f0b4cd9%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=618bd8f0b4cd9&pixel=&advId=93&advUuid=713a3de2-c34c-4d71-b847-02e5a81c8a93
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=618bd8f0b4cd9&pixel=&advId=93&advUuid=713a3de2-c34c-4d71-b847-02e5a81c8a93
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:33 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=618bd8f0b4cd9&pixel=&advId=93&advUuid=713a3de2-c34c-4d71-b847-02e5a81c8a93
date
Wed, 10 Nov 2021 14:36:33 GMT
server
_
content-length
0
liveCS.php
live.primis.tech/live/ Frame C34F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D618bd8f0b4cd9%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D618bd8f0b4cd9%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=618bd8f0b4cd9&pixel=&advId=99&advUuid=YYvY8QGE8OpYyuYAqwdzdQAABIgAAAAB
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=618bd8f0b4cd9&pixel=&advId=99&advUuid=YYvY8QGE8OpYyuYAqwdzdQAABIgAAAAB
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:33 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=618bd8f0b4cd9&pixel=&advId=99&advUuid=YYvY8QGE8OpYyuYAqwdzdQAABIgAAAAB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Wed, 10 Nov 2021 14:36:33 GMT
liveCS.php
live.primis.tech/live/ Frame C34F
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D618bd8f0b4cd9%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D618bd8f0b4cd9%2526pixel%253D%2526advId%253D105%2526ad...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=618bd8f0b4cd9&pixel=&advId=105&advUuid=4777276572329354755
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=618bd8f0b4cd9&pixel=&advId=105&advUuid=4777276572329354755
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:33 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:33 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
947edf51-d2b5-4d0d-8e85-e880fc665161
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=618bd8f0b4cd9&pixel=&advId=105&advUuid=4777276572329354755
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vid611390333d0e7901875086.jpg
video.primis.tech/uploads/cn6/video/users/converted/24271/video1511883863/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn6/video/users/converted/24271/video1511883863/vid611390333d0e7901875086.jpg?cbuster=1628672055
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.237.97.240 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
0a98c7644b664f4130ce6f250c192766b5710a2a6fbc94b16ea5c5281bddc2cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:33 GMT
via
1.1 0c792defeeaa18965559ad74895ea56b.cloudfront.net (CloudFront)
last-modified
Tue, 17 Aug 2021 17:59:20 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"04f8108215fc166e0ad8b1e008a13003"
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 24 Nov 2021 14:36:33 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
15718
x-amz-cf-id
2iGglj88fIJuae2g650_ZpwYymrVIW0dY4IZ87X_zaTpD4nQofjG1g==
x-proxy-cache
HIT
identity
api.rlcdn.com/api/ 		44 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 10 Nov 2021 14:36:33 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
rid
match.adsrvr.org/track/ 		109 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=182762
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
9429653b75ac83ee0ecb2c60c29f23cbd7852ca00feb79216ba6dbfa971b4066

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 10 Nov 2021 14:36:33 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ans-wer.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Fri, 10 Dec 2021 14:36:33 GMT
/
onetag-geo.s-onetag.com/ 		555 B
968 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-23.fra2.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 12:07:40 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb9.cloudfront.net (CloudFront), 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
age
8933
x-amzn-requestid
1a15089e-9b84-4ab6-91f9-3c1e42be4f74
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P3, FRA2-C2
x-amz-apigw-id
Illh8Eu3CYcF_Fw=
content-length
555
x-amz-cf-id
ozTAC3y3_Pn8vqGZzO_ZEgXeOIPb48nWfdMVyM3-kjeWK_VJ8Gbvzw==
beacon.min.js
signal-beacon.s-onetag.com/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-19.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
FFoz53cfgEbfQogHib76iTyL1K5X37BJ
content-encoding
gzip
etag
W/"ea838863b2b3bf40d1353c99808a5464"
last-modified
Tue, 09 Nov 2021 13:26:48 GMT
server
AmazonS3
age
4182
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Wed, 10 Nov 2021 13:26:52 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
TieLa3XOSKC5eYwRp-oQ8giHbrmObAnw1S76GYODXMpZKVkIAegkpg==
config
c.amazon-adsystem.com/cdn/prod/ 		57 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:33 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
57
x-amz-cf-id
B9Cgcy8bQeSDiyOUhY2_j-LcM85jYVqdcGE-A0Jp3zdmmHxhDyQRXQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 23:03:14 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
56000
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 09 Nov 2021 22:55:20 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
via
1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
CnFGY3xXxm9UNWrNFMFioCKXnYVCC9FCi3Gkvbe_JdcYAmXd-T-etA==
pubads_impl_2021110401.js
securepubads.g.doubleclick.net/gpt/ 		346 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119010
x-xss-protection
0
last-modified
Thu, 04 Nov 2021 08:34:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 10 Nov 2021 14:36:33 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		131 B
123 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ans-wer.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
5a6dd347fc26084825577e6b414d376654e78bb59d412a9d5f7582b07b83d7af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
expires
Wed, 10 Nov 2021 14:36:33 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/ 		186 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af1684fcf2b488bdbf24c364d9651a7f3912dcfa0a3477d7653d60eb032c06a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:33 GMT
Content-Encoding
gzip
Age
671
X-Cache
HIT
Connection
keep-alive
Content-Length
60321
x-amz-id-2
ZoXerbuYYEyLeqvhcUrZeSXtO8N0RGQB3gzc1l5I8Z1HhRkdN97pi25Z7zyxzxW3XiUU9y7qMm0=
X-Served-By
cache-fra19158-FRA
Last-Modified
Wed, 03 Nov 2021 21:01:25 GMT
Server
AmazonS3
X-Timer
S1636554993.492368,VS0,VE0
ETag
"f0344cfc0fab11fbf956bd005d2814f0"
x-amz-request-id
ZTNSH2ZB4V5E7856
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
347
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ans-wer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 21:11:56 GMT
x-content-type-options
nosniff
age
149077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 08 Nov 2022 21:11:56 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 9582 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ans-wer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 21:11:56 GMT
x-content-type-options
nosniff
age
149077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 08 Nov 2022 21:11:56 GMT
xdomain_cookie.html
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame BDC5 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

server
nginx
date
Wed, 10 Nov 2021 14:36:33 GMT
content-type
text/html
vary
Accept-Encoding
x-guploader-uploadid
ADPycdslemes3gh5tw5XgBopr_o9WyqFfzD_JI3c1HZcFL6sfKLtxgoFClndPoc2Ch5gE0T9NELRvYv4_Rf2llZ6s88
expires
Sat, 05 Nov 2022 14:36:33 GMT
last-modified
Tue, 25 Aug 2020 07:36:09 GMT
x-goog-generation
1598340969597109
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
3440
x-goog-hash
crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-storage-class
STANDARD
cache-control
max-age=31104000 public
age
0
x-cache
HIT
content-encoding
gzip
via
1.1 google
alt-svc
clear
id
googleads.g.doubleclick.net/pagead/ Frame FEFF
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/T1NeHRuPpoM
Protocol
H2
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca8745bd8c7d6b74c0ddf7acc7956b1555c7b3dfd4df5fd6fee280320496a0a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 10 Nov 2021 14:36:33 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame FEFF 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:31:30 GMT
x-content-type-options
nosniff
age
303
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Nov 2021 14:46:30 GMT
remote.js
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame FEFF 		94 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05c626d78f697a300bdcddb5c5f8cb54f41b65abc201657418ed96f13c28c0a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/T1NeHRuPpoM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:38:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
169106
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29782
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Nov 2022 15:38:07 GMT
kQof9v-V0VaBK93KCD40uQQ8XZllYzkE_3tmkA6IH3c.js
www.google.com/js/th/ Frame FEFF 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/kQof9v-V0VaBK93KCD40uQQ8XZllYzkE_3tmkA6IH3c.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
910a1ff6ff95d156812bddca083e34b9043c5d9965633904ff7b66900e881f77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 05:10:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
33960
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13448
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 05:10:33 GMT
embed.js
www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/ Frame FEFF 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3415c7fade1393a1990451fe39cfb19fed87791ede53183f9a4d390b15d36a5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/T1NeHRuPpoM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 15:36:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
169176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7365
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 01:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Nov 2022 15:36:57 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame C34F 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-42-157.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
truncated
/ Frame FEFF 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
AKedOLTx6pTZGTrE2rdtXJsUGPSQsm9QMP0zfsgHLjamyQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame FEFF 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLTx6pTZGTrE2rdtXJsUGPSQsm9QMP0zfsgHLjamyQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/T1NeHRuPpoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
154ec3400a84a69b0c634de70a63ef9574ba583f079429cae14f0397fe0b0e5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 13:36:18 GMT
x-content-type-options
nosniff
age
3615
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3207
x-xss-protection
0
server
fife
etag
"v5bc"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 07 Nov 2021 13:34:41 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/T1NeHRuPpoM/ Frame FEFF 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/T1NeHRuPpoM/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/T1NeHRuPpoM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b01c18c44d1c0eafb9a5c4c5929f11c993036c5320ef78d3c237638a42d4c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:10:12 GMT
x-content-type-options
nosniff
age
1581
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55326
x-xss-protection
0
server
sffe
etag
"1627915251"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 10 Nov 2021 16:10:12 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame C34F 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 23:03:14 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
56000
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 09 Nov 2021 22:55:20 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
via
1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
ksb21kVFECJ2I00AtkuTlj-Q9quaFllNgc73idgTiVlRuwP4oetOfg==
w_480_00000.ts
video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883863/vid611390333d0e7901875086.mp4/ 		335 KB
336 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883863/vid611390333d0e7901875086.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.237.97.240 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
e95cd5f8eb0bb907be0fee498b74b2f2dae088f818398c4a693f147768ce48a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:33 GMT
via
1.1 3f1b64a58ba4608df13914ee37f85214.cloudfront.net (CloudFront)
x-amz-cf-pop
OTP50-C1
content-length
342912
last-modified
Wed, 18 Aug 2021 04:09:12 GMT
server
Tengine
etag
"b287487eebce4eeb834131fcc384c41f"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
zaj6VVtRFSV6QR_QC4J2PND064n-zUqWcwDYKYLPl3Yif4_nJaChdQ==
expires
Wed, 24 Nov 2021 14:36:33 GMT
usync.js
eus.rubiconproject.com/ Frame DA74 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e082294630f01fe8c1754f194c9ab266daf508bdd6353949cadf922f6396301e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51904
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Thu, 11 Nov 2021 05:01:37 GMT
b0aa7804-d651-43b2-8346-5fcc1397221b
https://ans-wer.com/ 		65 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ans-wer.com/b0aa7804-d651-43b2-8346-5fcc1397221b
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
66258
Content-Type
text/javascript
PugMaster
image6.pubmatic.com/AdServer/ Frame 3A75 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=3010315&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D618bd8f0b4cd9%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:33 GMT
content-length
0
headerstats
as-sec.casalemedia.com/ 		0
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=504384&u=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:33 GMT
X-AK-INITIAL-GEO
CC:[DE], RC:[BY], CN:[EU], CIP:[168.119.25.197], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://ans-wer.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
12
Expires
Wed, 10 Nov 2021 14:36:33 GMT
settings
syndication.twitter.com/ Frame 68E5 		232 B
448 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=9f01c1a2f0acf13e35acad40424c6265e4ac292f
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fans-wer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-response-time
110
date
Wed, 10 Nov 2021 14:36:33 GMT
content-encoding
gzip
last-modified
Wed, 10 Nov 2021 14:36:34 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
b93ba8901cfdb8795697caaab62a7d7266b6d8afdd557489170b147ee8f44ddd
content-length
166
pbsync.html
js.adscale.de/ Frame EC7A 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:c600:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Wed, 10 Nov 2021 09:55:04 GMT
x-amz-version-id
wk0I9Mr3GefRnHrXfnG9umOjzPdT6bpE
server
AmazonS3
content-encoding
br
date
Wed, 10 Nov 2021 13:55:08 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
QddVncTe9FelgExg-JMLeggW5fgYI5TlTjp17qChHiTvUXPBs24pyw==
age
2487
cookie
cm.adform.net/ Frame 4356 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Wed, 10 Nov 2021 14:36:34 GMT
content-type
image/gif
content-length
43
user
cdn.admatic.com.tr/ Frame 1F44 		251 B
630 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Wed, 10 Nov 2021 14:36:33 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-756
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
US
cdn-edgestorageid
756
cdn-storageserver
DE-51
cache-control
public, max-age=3600
cdn-fileserver
141
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-cachedat
2021-08-10 09:24:38
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-requestid
ff3a795f74f0d4662ca43b7b5bed5f71
cdn-status
200
cdn-cache
HIT
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame DDE3 		0
0
csync
sync.console.adtarget.com.tr/ Frame AFEB
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=EOA0VHTlN7sWT0ZE90fa&pi=admatic&tc=1
0
0
/
ads.us.e-planning.net/uspd/1/ Frame F4AB 		13 B
92 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Wed, 10 Nov 2021 14:36:34 GMT
content-type
text/html
content-length
13
x-sid
AMS-746
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EA45 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=46002
expires
Thu, 11 Nov 2021 03:23:15 GMT
date
Wed, 10 Nov 2021 14:36:33 GMT
vary
Accept-Encoding
csync
sync.console.adtarget.com.tr/ Frame 2265 		0
0
/
geo.privacymanager.io/ 		28 B
590 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-93.fra2.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 05:01:04 GMT
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront), 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
age
34529
x-amzn-requestid
27d9973b-f7db-4b61-90d4-8c8999c29fcd
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-618b5210-1efda45d428694d83a040745;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1, FRA2-C2
x-amz-apigw-id
IknCmFdwjoEF42Q=
content-length
28
x-amz-cf-id
moD29I8j-s-YGfT2AvGTYxpGkrafVlnJZEW0GOl0NGB1g2CdO34v6Q==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
khaos.jpg
token.rubiconproject.com/ Frame DA74 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
29af2665c43893332e84c235bac366c1
Content-Type
image/jpg
bee_prod_7_bee_publish_835.json
sf-hs-sg.ibytedtos.com/obj/ies-fe-bee-alisg/bee_prod/biz_7/ 		43 B
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sf-hs-sg.ibytedtos.com/obj/ies-fe-bee-alisg/bee_prod/biz_7/bee_prod_7_bee_publish_835.json?timestamp=1636554993589
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
095744fa45e2c246e5aed63e5c5d0d7c43025c2ea231e361f6600fa6a0318c31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-akamai-request-id
1422c614.4d76d29.55831611
date
Wed, 10 Nov 2021 14:36:34 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=static
content-md5
cWI4DxsJjLyyeUqG6vYNEA==
x-cache
TCP_MISS from a2-16-186-166.deploy.akamaitechnologies.com (AkamaiGHost/10.4.5-36865675) (-)
x-bdcdn-cache-status
TCP_HIT
x-parent-response-time
295,2.16.218.134, 301,2.16.186.166
server-timing
cdn-cache; desc=MISS, edge; dur=224, origin; dur=77, inner; dur=3
content-length
51
server
nginx
x-tos-request-id
1772958bd8f119e9-af54406
x-tos-response-time
Wed, 10 Nov 2021 14:36:33 GMT
last-modified
Sat, 20 Mar 2021 11:49:23 GMT
x-cache-remote
TCP_MISS from a2-16-218-134.deploy.akamaitechnologies.com (AkamaiGHost/10.4.5-36931995) (-)
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=30
x-origin-response-time
78,23.59.247.77
x-tt-trace-host
017e7483f99ea49a3d8a50dcde6def73ac610bfbc0feb075f3a6f6fdf946080460cae38296b0e2ed280d616860dba9fba4737f9f9b0b3e700c8aaac543d13d892b999d37fa528d69d135f565003bc51c09747029acfa655bfafd59ef9a31fc9e45e4a731a709b0b06880ba427e43960fdef04008df81e5bf844a31d6abe27f5fc4
accept-ranges
bytes
bee_prod_7_bee_publish_835.json
sf-hs-sg.ibytedtos.com/obj/ies-fe-bee-alisg/bee_prod/biz_7/ 		43 B
916 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sf-hs-sg.ibytedtos.com/obj/ies-fe-bee-alisg/bee_prod/biz_7/bee_prod_7_bee_publish_835.json?timestamp=1636554993590
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-170.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
095744fa45e2c246e5aed63e5c5d0d7c43025c2ea231e361f6600fa6a0318c31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-akamai-request-id
1414131b.52d449a.55831616
date
Wed, 10 Nov 2021 14:36:34 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=static
content-md5
cWI4DxsJjLyyeUqG6vYNEA==
x-cache
TCP_MISS from a2-16-186-166.deploy.akamaitechnologies.com (AkamaiGHost/10.4.5-36865675) (-)
x-bdcdn-cache-status
TCP_HIT
x-parent-response-time
301,2.16.218.150, 304,2.16.186.166
server-timing
cdn-cache; desc=MISS, edge; dur=224, origin; dur=82, inner; dur=7
content-length
51
server
nginx
x-tos-request-id
1772958bd8f119e9-af54406
x-tos-response-time
Wed, 10 Nov 2021 14:36:33 GMT
last-modified
Sat, 20 Mar 2021 11:49:23 GMT
x-cache-remote
TCP_MISS from a2-16-218-150.deploy.akamaitechnologies.com (AkamaiGHost/10.4.5-36931995) (-)
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=30
x-origin-response-time
83,23.59.247.76
x-tt-trace-host
017e7483f99ea49a3d8a50dcde6def73ac610bfbc0feb075f3a6f6fdf9460804609204fe349685f0a689a03875ef9630e8ef0410ecd33d3350b8ed7169661d6b07d2f853d01dfff38548a709b7bc8dd95b5e020e05a8474a4a5e4782defdc5ac5d3a1aa6f2146a1869caf4367c00a4775b9cbaab1eaa6167fe7ba1e7e725827ece
accept-ranges
bytes
css
fonts.googleapis.com/ Frame 0C3C 		3 KB
674 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=2335273045&adk=2182005794&adf=3003258557&pi=t.ma~as.2335273045&w=1110&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992436&bpp=3&bdt=639&idt=293&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=390&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XeuuVj2bPb&p=https%3A//ans-wer.com&dtd=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 14:20:48 GMT
server
ESF
date
Wed, 10 Nov 2021 14:36:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Nov 2021 14:36:34 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 0C3C 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=2335273045&adk=2182005794&adf=3003258557&pi=t.ma~as.2335273045&w=1110&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992436&bpp=3&bdt=639&idt=293&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=390&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XeuuVj2bPb&p=https%3A//ans-wer.com&dtd=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
894
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:21:40 GMT
mmt.gif
imps.monu.delivery/ 		37 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=p.l&u=3dcf7dba-5019-4a7a-8438-8801bdc7e7b9
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1679
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame 0C3C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=2335273045&adk=2182005794&adf=3003258557&pi=t.ma~as.2335273045&w=1110&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992436&bpp=3&bdt=639&idt=293&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=390&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XeuuVj2bPb&p=https%3A//ans-wer.com&dtd=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 13:51:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2685
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7878
x-xss-protection
0
server
cafe
etag
10809069374711699201
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 13:51:49 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 0C3C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=2335273045&adk=2182005794&adf=3003258557&pi=t.ma~as.2335273045&w=1110&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992436&bpp=3&bdt=639&idt=293&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=390&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XeuuVj2bPb&p=https%3A//ans-wer.com&dtd=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1337
x-xss-protection
0
server
cafe
etag
17605089983984592854
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:27:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0C3C 		121 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=2335273045&adk=2182005794&adf=3003258557&pi=t.ma~as.2335273045&w=1110&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992436&bpp=3&bdt=639&idt=293&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=390&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XeuuVj2bPb&p=https%3A//ans-wer.com&dtd=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Nov 2021 14:36:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 0C3C 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=2335273045&adk=2182005794&adf=3003258557&pi=t.ma~as.2335273045&w=1110&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992436&bpp=3&bdt=639&idt=293&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=390&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XeuuVj2bPb&p=https%3A//ans-wer.com&dtd=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6461
x-xss-protection
0
server
cafe
etag
1157727964977547826
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:34:01 GMT
l
www.google.com/ads/measurement/ Frame 0C3C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSfmhGX2JPvTC7IA7W1dtmo_9M2JjG6qXiqVD8r_MUuyC0XQg5OogW7uG53YgXFqe0DAmL7C__907P3RmB0S7L7zB0AiQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=2335273045&adk=2182005794&adf=3003258557&pi=t.ma~as.2335273045&w=1110&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992436&bpp=3&bdt=639&idt=293&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=390&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XeuuVj2bPb&p=https%3A//ans-wer.com&dtd=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
c5d443f94f59031b290788a54ae3dbc2.js
www.gstatic.com/mysidia/ Frame 0C3C 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=2335273045&adk=2182005794&adf=3003258557&pi=t.ma~as.2335273045&w=1110&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992436&bpp=3&bdt=639&idt=293&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=390&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XeuuVj2bPb&p=https%3A//ans-wer.com&dtd=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 08:43:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21168
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11508
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 03:19:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 08 Feb 2022 08:43:46 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/5277931902154953778/ Frame 0C3C 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5277931902154953778/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=2335273045&adk=2182005794&adf=3003258557&pi=t.ma~as.2335273045&w=1110&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992436&bpp=3&bdt=639&idt=293&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=390&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XeuuVj2bPb&p=https%3A//ans-wer.com&dtd=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b11cc97f2c2325e9968277a26a0305000af15e9f3aa0f9f4cae3112688d06b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 17:35:04 GMT
x-content-type-options
nosniff
age
507690
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30858
x-xss-protection
0
last-modified
Fri, 05 Feb 2021 16:08:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Nov 2022 17:35:04 GMT
truncated
/ Frame 0C3C 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8f7e4616a0b99c41c747a3485a00acc5312919393b9d21ff6835ece6917a00b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/ Frame 9A23 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/index.html
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86cd6f0299b02a120684398ac8cde42cbed673bcf64dfca2561575eccf96e72f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
content-length
1306
date
Tue, 09 Nov 2021 05:32:44 GMT
expires
Wed, 09 Nov 2022 05:32:44 GMT
last-modified
Thu, 19 Aug 2021 14:10:37 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
119030
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 9CA4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=COIbg8diLYfHsEIHI1fAPzZiE4Av0zfuGZvzwiaiPDam_woSKGxABINOArQtglYKAgJgHoAH02syZA8gBCakCrsmE3Wdgsz6oAwHIA0iqBPEBT9BL5Z1-M7oQn6nRztkyRh-sV-reW-CiF2IBc3Z8c2G4r-w4fHhblG8Prp93VsseqHNO4G0EJfOfa0SyCGB283JOgDatB-f_5kFV2VzR9LoP5mrVnithcfj2MeF6LXfIGldaFyGL5OTUtj3BHbWba7AlpWe8ob3GZjfbsZmnKn8pklJEMnoNhc01c9J6g4YX3G8liLc1OQWJYHr3nhWv7vHwz1ymX8tGHJP5DzIdrxKpsvVx78-HcMZNkbzuUa3Tl5ttGlUoeQRnZRNx8W3BVu3ecklS5IzICVA3Bt-zW0bANkRyulLgBNe1n3XN68MIIsAE_f6_iIkDkgUECAQYAZIFBAgFGASgBi6AB_Sks2aoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCr-jXSCAkIgOGAEBABGF-ACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMTg4MjcwNjUyNDMwODQwNhgA&sigh=SPX-u6ydmUE&uach_m=[UACH]&template_id=419
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=9858539845&adk=2589358256&adf=2987917308&pi=t.ma~as.9858539845&w=730&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992439&bpp=1&bdt=641&idt=413&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=405&ady=1394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JbakzaTjtN&p=https%3A//ans-wer.com&dtd=416
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 10 Nov 2021 14:36:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame 9CA4 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=9858539845&adk=2589358256&adf=2987917308&pi=t.ma~as.9858539845&w=730&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992439&bpp=1&bdt=641&idt=413&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=405&ady=1394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JbakzaTjtN&p=https%3A//ans-wer.com&dtd=416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 13:51:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2685
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7878
x-xss-protection
0
server
cafe
etag
10809069374711699201
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 13:51:49 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 9CA4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=9858539845&adk=2589358256&adf=2987917308&pi=t.ma~as.9858539845&w=730&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992439&bpp=1&bdt=641&idt=413&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=405&ady=1394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JbakzaTjtN&p=https%3A//ans-wer.com&dtd=416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1337
x-xss-protection
0
server
cafe
etag
17605089983984592854
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:27:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9CA4 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=9858539845&adk=2589358256&adf=2987917308&pi=t.ma~as.9858539845&w=730&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992439&bpp=1&bdt=641&idt=413&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=405&ady=1394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JbakzaTjtN&p=https%3A//ans-wer.com&dtd=416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Nov 2021 14:36:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 9CA4 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=9858539845&adk=2589358256&adf=2987917308&pi=t.ma~as.9858539845&w=730&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992439&bpp=1&bdt=641&idt=413&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=405&ady=1394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JbakzaTjtN&p=https%3A//ans-wer.com&dtd=416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6461
x-xss-protection
0
server
cafe
etag
1157727964977547826
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:34:01 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 0C3C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CV6MO8diLYb3DCc6S1fAPm6eYmA-5lqubZoWL_7LbDr_hHhABINOArQtglYKAgJgHoAHVh9vxAsgBCakCrsmE3Wdgsz6oAwHIA8sEqgTnAU_QRvoYsIiU-WKZoRsTgR45ggwEIKqoPnxAZwe1QZZp3NmmG091ZT2Z4qZNL2ftKZ-xY-xNM1RSww5cpzrArr7r0ddus5a2hVZwu-Tj9XVbUMVWHpedHmrnuxkd3BMSdXV5lvyQ29XZYP1UDIBqhAg_pM8tHi0hHBk8snJMf5Q6A7OV5e10YAcO9QfgOrXXqq0T8oB-brwgyI6tey3llYorsJxXeKM8K9evPzsR6acyypW8N0UN5NlhOXKfI9thnlYtT9eAXpFCQ36dy_N5K4ytqKIUT9jBUSA2xY8lRKO8sVKttKt98MAEkunUuMADkgUECAQYAZIFBAgFGASgBi6AB5P4pI4BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQkq0V0ggJCIDhgBAQARhfgAoByAsBuBOIJ9gTAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xODgyNzA2NTI0MzA4NDA2GAA&sigh=Twn_L_3Wv5A&uach_m=[UACH]&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=2335273045&adk=2182005794&adf=3003258557&pi=t.ma~as.2335273045&w=1110&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992436&bpp=3&bdt=639&idt=293&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=390&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XeuuVj2bPb&p=https%3A//ans-wer.com&dtd=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=2335273045&adk=2182005794&adf=3003258557&pi=t.ma~as.2335273045&w=1110&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992436&bpp=3&bdt=639&idt=293&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=390&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XeuuVj2bPb&p=https%3A//ans-wer.com&dtd=298
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 10 Nov 2021 14:36:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame FEFF 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Nov 2021 14:36:34 GMT
generate_204
www.youtube.com/ Frame FEFF 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?-ivfUQ
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/T1NeHRuPpoM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
bundle.js
cdn.admatic.com.tr/user/ Frame 1F44 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:34 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
141
cdn-storageserver
DE-51
cdn-cachedat
2021-08-12 13:48:34
cdn-pullzone
266102
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
server
BunnyCDN-DE1-756
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
319040906dc56070f7cdb69e8536a263
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
horizon_tweet.4027cff8c5dfbbf9b414b0df963e6b7d.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/horizon_tweet.4027cff8c5dfbbf9b414b0df963e6b7d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A7) /
Resource Hash
7ca703a20171d4d4440daefb529292d7720e3bb2b0aa1aa6d797228bcd3b762c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 18:31:52 GMT
Server
ECS (frb/67A7)
Age
54037
Etag
"8e55b85bd8d8e443c9a80691ed34d775+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2438
uu
ih.adscale.de/ Frame EC7A
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1636554994
  • https://ih.adscale.de/uu?cbfn=receive&t=1636554994&nut&uu=8e764321958a4acab0c667c0d20c11d8
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1636554994&nut&uu=8e764321958a4acab0c667c0d20c11d8
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
18.196.169.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-169-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f866bb07a0c94ff6de3dd930dd46051a4b78bd5c96c2d56d6ca47b37539d106a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:34 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1636554994&nut&uu=8e764321958a4acab0c667c0d20c11d8
date
Wed, 10 Nov 2021 14:36:34 GMT
content-length
0
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 9A23 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 13:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2988
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 11 Nov 2021 13:46:46 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9A23 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 13:46:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2976
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 11 Nov 2021 13:46:58 GMT
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 9A23 		186 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Nov 2021 14:36:34 GMT
970x250.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/ Frame 9A23 		85 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/970x250.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae2b3702e2a51d00d8b6d71b2457adbbc931df0098e567b4355c0f11c96837d2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
60696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12058
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 14:10:37 GMT
server
sffe
date
Tue, 09 Nov 2021 21:44:58 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 09 Nov 2022 21:44:58 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B004 		1 KB
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=2335273045&adk=2182005794&adf=3003258557&pi=t.ma~as.2335273045&w=1110&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992436&bpp=3&bdt=639&idt=293&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=390&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XeuuVj2bPb&p=https%3A//ans-wer.com&dtd=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 09 Nov 2021 21:11:57 GMT
expires
Wed, 10 Nov 2021 21:11:57 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
62677
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame 9815 		143 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=9858539845&adk=2589358256&adf=2987917308&pi=t.ma~as.9858539845&w=730&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992439&bpp=1&bdt=641&idt=413&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=405&ady=1394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JbakzaTjtN&p=https%3A//ans-wer.com&dtd=416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=9858539845&adk=2589358256&adf=2987917308&pi=t.ma~as.9858539845&w=730&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992439&bpp=1&bdt=641&idt=413&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=405&ady=1394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JbakzaTjtN&p=https%3A//ans-wer.com&dtd=416

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 10 Nov 2021 13:43:12 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3202
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
embed_lib_v0.0.7.css
s16.tiktokcdn.com/tiktok/falcon/embed/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s16.tiktokcdn.com/tiktok/falcon/embed/embed_lib_v0.0.7.css
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.57 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-57.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
487ef1b1a657ab23c755ec06d8a38d0703dc9d03617b1dfbf017135211cc1fba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-akamai-request-id
6dc2485
date
Wed, 10 Nov 2021 14:36:34 GMT
content-encoding
gzip
x-check-cacheable
YES
x-cache
TCP_MEM_HIT from a92-123-225-53.deploy.akamaitechnologies.com (AkamaiGHost/10.4.5-36865675) (-)
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0
content-length
1326
last-modified
Fri, 17 Jul 2020 08:36:11 GMT
server
nginx
etag
W/"5f1162fb-e0c"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=22389277
expires
Wed, 27 Jul 2022 17:51:11 GMT
embed_lib_v0.0.7.js
s16.tiktokcdn.com/tiktok/falcon/embed/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s16.tiktokcdn.com/tiktok/falcon/embed/embed_lib_v0.0.7.js
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.57 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-57.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
939770ea6517e7ba27e40e2c21dbeadd159778bfd4bb54d134c2eb288b7a8815

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-akamai-request-id
6dc2489
date
Wed, 10 Nov 2021 14:36:34 GMT
content-encoding
gzip
x-check-cacheable
YES
x-cache
TCP_MEM_HIT from a92-123-225-53.deploy.akamaitechnologies.com (AkamaiGHost/10.4.5-36865675) (-)
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0
content-length
4522
last-modified
Fri, 17 Jul 2020 08:36:11 GMT
server
nginx
etag
W/"5f1162fb-2f44"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=18336774
expires
Fri, 10 Jun 2022 20:09:28 GMT
cast_sender.js
www.gstatic.com/eureka/clank/95/ Frame FEFF 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/95/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:31:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15249
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 23:31:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 11 Nov 2021 14:31:18 GMT
truncated
/ Frame 0C3C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ac70f2d95d2eb26c10b2b1329f55c94cb6a75880da0357ec6308db1f3a7ed84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9CA4 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8b2e897b008921901e7c30dd257e7b367b9114c12d48cf1521f6994e758f8c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
Tweet.html
platform.twitter.com/embed/ Frame 994A 		487 B
972 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1438187705792286721&lang=en&origin=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&sessionId=9f01c1a2f0acf13e35acad40424c6265e4ac292f&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) /
Resource Hash
f29d04ee0f5958ea024817ae15ffbd3e6f15dfd6c741c1927a6d8c7b3fbd3e38

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1185
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Wed, 10 Nov 2021 14:36:34 GMT
Etag
"0d775af1199c0cba0c3ebd7b7695a614"
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/668C)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
487
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 9CA4 		0
121 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLGpnriCjvQCFQFkFQgdTQwBvA&gqi=8diLYZeqEJqMtgeJ563gDA&layout=/sadbundle/%24csp%253Der3%24/14120992840229899163/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=9858539845&adk=2589358256&adf=2987917308&pi=t.ma~as.9858539845&w=730&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992439&bpp=1&bdt=641&idt=413&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=405&ady=1394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JbakzaTjtN&p=https%3A//ans-wer.com&dtd=416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 0C3C 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 02:15:39 GMT
x-content-type-options
nosniff
age
562855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 04 Nov 2022 02:15:39 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 0C3C 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 18:21:26 GMT
x-content-type-options
nosniff
age
159308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 08 Nov 2022 18:21:26 GMT
user
ads3.admatic.com.tr/ Frame 1F44 		52 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
d30863f4726da266c480bf677b1148bb73eaba8fd65cdce6b2c387086679b36f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:34 GMT
content-encoding
br
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
56
CTA.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 9A23 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/CTA.png?1607440627338
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=9858539845&adk=2589358256&adf=2987917308&pi=t.ma~as.9858539845&w=730&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992439&bpp=1&bdt=641&idt=413&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=405&ady=1394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JbakzaTjtN&p=https%3A//ans-wer.com&dtd=416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
166546432362a275af899542d876583bb41224b2c13cdf399bb1871edff5c5ab
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
59173
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1330
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 14:10:37 GMT
server
sffe
date
Tue, 09 Nov 2021 22:10:21 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 09 Nov 2022 22:10:21 GMT
embed.runtime.5b28e1eb2ce7e3cfb96b.js
platform.twitter.com/embed/ Frame 994A 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.5b28e1eb2ce7e3cfb96b.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1438187705792286721&lang=en&origin=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&sessionId=9f01c1a2f0acf13e35acad40424c6265e4ac292f&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
1e19cd0114d128362c000a6cc35cd95bc20b8bfd78a637f3cc90a66b86319eca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1438187705792286721&lang=en&origin=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&sessionId=9f01c1a2f0acf13e35acad40424c6265e4ac292f&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/669E)
Age
54036
Etag
"476ababff9c8feb955f7f5de12354111+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
3522
embed.modules.66e311263622456867b1.js
platform.twitter.com/embed/ Frame 994A 		519 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1438187705792286721&lang=en&origin=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&sessionId=9f01c1a2f0acf13e35acad40424c6265e4ac292f&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
8e60f604f0ca5f472149b3e3a02c184ae1082ad59b54ce7eb26c1b6ff51ccfc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1438187705792286721&lang=en&origin=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&sessionId=9f01c1a2f0acf13e35acad40424c6265e4ac292f&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/669E)
Age
33741
Etag
"d2a7d4d81994376470f2560f453ad37b+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
166772
embed.i18n.c052951fae9a0c2b4020.js
platform.twitter.com/embed/ Frame 994A 		146 B
650 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.i18n.c052951fae9a0c2b4020.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1438187705792286721&lang=en&origin=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&sessionId=9f01c1a2f0acf13e35acad40424c6265e4ac292f&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) /
Resource Hash
9863c7532e26b3e9a2e1ac1d7ee7d96bc03db512a2af9174aa5c1d07046376cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1438187705792286721&lang=en&origin=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&sessionId=9f01c1a2f0acf13e35acad40424c6265e4ac292f&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:34 GMT
Access-Control-Allow-Methods
GET
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/6738)
Age
54037
Etag
"ae3db27722181e85d0a069a920b4ed89"
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
146
embed.Tweet.49c57014066d30bb9bc6.js
platform.twitter.com/embed/ Frame 994A 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.49c57014066d30bb9bc6.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1438187705792286721&lang=en&origin=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&sessionId=9f01c1a2f0acf13e35acad40424c6265e4ac292f&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668D) /
Resource Hash
fb603fb9eb626a56cef3f9d4f148dc6b6501d7408b5a35f475459e9099234be9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1438187705792286721&lang=en&origin=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&sessionId=9f01c1a2f0acf13e35acad40424c6265e4ac292f&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/668D)
Age
54037
Etag
"86e18509fea9178472462b9eb6b8ff68+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5739
userconnect.js
js.adscale.de/ Frame EC7A 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:c600:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
eauJuoIRP9qOpmpEKxOVuXQATeOtU0Hr
content-encoding
br
last-modified
Wed, 10 Nov 2021 09:55:04 GMT
server
AmazonS3
age
2487
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Wed, 10 Nov 2021 13:55:08 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
kvu4bwv4Y_E_zYFIr-kxovEfvP-k52Tn62K7iTl7jO45p6_7dFJqDg==
csync
sync.console.adtarget.com.tr/ Frame EC7A 		0
0
pixel
cm.g.doubleclick.net/ Frame B004
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESENPMozUUsmUblLnF3zqGFUw&google_cver=1&google_push=AYg5qPK-vUZQ9SWrsCPVXL_mRT_BANn0JmeeEajmajY-jPwbOQSymGh47SgGF6UqZnRmA_5LkBX-am1GCRTR3-HWj7zbAvwu19DY
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPK-vUZQ9SWrsCPVXL_mRT_BANn0JmeeEajmajY-jPwbOQSymGh47SgGF6UqZnRmA_5LkBX-am1GCRTR3-HWj7zbAvwu19DY&google_hm=Q0FFU0VOUE1velVVc21VY...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPK-vUZQ9SWrsCPVXL_mRT_BANn0JmeeEajmajY-jPwbOQSymGh47SgGF6UqZnRmA_5LkBX-am1GCRTR3-HWj7zbAvwu19DY&google_hm=Q0FFU0VOUE1velVVc21VYmxMbkYzenFHRlV3
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:34 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPK-vUZQ9SWrsCPVXL_mRT_BANn0JmeeEajmajY-jPwbOQSymGh47SgGF6UqZnRmA_5LkBX-am1GCRTR3-HWj7zbAvwu19DY&google_hm=Q0FFU0VOUE1velVVc21VYmxMbkYzenFHRlV3
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B004
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKMlrmO...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKMlrmO...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMTAxNDM2MzUwMDA2NTIwNzIyNDg3OA%3D%3D&google_push=AYg5qPKMlrmO9avtiq-mKs1c5j4MRB8Czt8GwZ8wLyiYi2cogvz4Zh6P8ac3Qq7BNqEqVo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMTAxNDM2MzUwMDA2NTIwNzIyNDg3OA%3D%3D&google_push=AYg5qPKMlrmO9avtiq-mKs1c5j4MRB8Czt8GwZ8wLyiYi2cogvz4Zh6P8ac3Qq7BNqEqVoipfH0ys59OA5ApaC9KKXv0Gpchfw4y
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMTAxNDM2MzUwMDA2NTIwNzIyNDg3OA%3D%3D&google_push=AYg5qPKMlrmO9avtiq-mKs1c5j4MRB8Czt8GwZ8wLyiYi2cogvz4Zh6P8ac3Qq7BNqEqVoipfH0ys59OA5ApaC9KKXv0Gpchfw4y
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Wed, 10 Nov 2021 14:36:35 GMT
pixel
cm.g.doubleclick.net/ Frame B004
Redirect Chain
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEA_QxioUlbmGhqIn2Kz57NY&google_push=AYg5qPJLTsmX3R9hqVK05z79d2c6EKKcYNzUx1IlaOSsKbYu_yJ3xMVIdojMTS84IHBLBOlZi9BOUuBdSLbW6o3s6RO-php...
  • https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPJLTsmX3R9hqVK05z79d2c6EKKcYNzUx1IlaOSsKbYu_yJ3xMVIdojMTS84IHBLBOlZi9BOUuBdSLbW6o3s6RO-phptqRcr&google_hm=MTA4MTUzMjQxMzc2Mj...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPJLTsmX3R9hqVK05z79d2c6EKKcYNzUx1IlaOSsKbYu_yJ3xMVIdojMTS84IHBLBOlZi9BOUuBdSLbW6o3s6RO-phptqRcr&google_hm=MTA4MTUzMjQxMzc2MjY5ODI1Mjc
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:34 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPJLTsmX3R9hqVK05z79d2c6EKKcYNzUx1IlaOSsKbYu_yJ3xMVIdojMTS84IHBLBOlZi9BOUuBdSLbW6o3s6RO-phptqRcr&google_hm=MTA4MTUzMjQxMzc2MjY5ODI1Mjc
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B004
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESED4M0V3aXk5Cav008Z6p_vc&google_cver=1&google_push=AYg5qPLay74TFYC9aQGp-Q6tXltB4fVuP9qmk0FisDDxdjrSTxONr62T2WIPeZBwbHPejpRoOHdhy8iVZ1YjagwsgNmmhb90szvZ
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLay74TFYC9aQGp-Q6tXltB4fVuP9qmk0FisDDxdjrSTxONr62T2WIPeZBwbHPejpRoOHdhy8iVZ1YjagwsgNmmhb90szvZ&google_hm=ikKk3771yLM0ZTPW4mVdew==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLay74TFYC9aQGp-Q6tXltB4fVuP9qmk0FisDDxdjrSTxONr62T2WIPeZBwbHPejpRoOHdhy8iVZ1YjagwsgNmmhb90szvZ&google_hm=ikKk3771yLM0ZTPW4mVdew==
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:34 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLay74TFYC9aQGp-Q6tXltB4fVuP9qmk0FisDDxdjrSTxONr62T2WIPeZBwbHPejpRoOHdhy8iVZ1YjagwsgNmmhb90szvZ&google_hm=ikKk3771yLM0ZTPW4mVdew==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
m3e0l93le3gba1hn97aqara3uc1rprt5
pixel
cm.g.doubleclick.net/ Frame B004
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KkwgIYDfRNOROadTaV-G5w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KkwgIYDfRNOROadTaV-G5w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKVmhL9sk1OWpo0XTyDn6lEOwp7XZyUfe6u29hj5zjCfBGAw7Ogebh6wRE6RspHPXbX4nEqGWdf21NEyjBg2ahUHV7ie2lc
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KkwgIYDfRNOROadTaV-G5w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKVmhL9sk1OWpo0XTyDn6lEOwp7XZyUfe6u29hj5zjCfBGAw7Ogebh6wRE6RspHPXbX4nEqGWdf21NEyjBg2ahUHV7ie2lc
date
Wed, 10 Nov 2021 14:36:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame B004
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOtYiJ0mUkzseXLts7gWaFo&google_cver=1&google_push=AYg5qPLqO9ARlIAbaAYpla0A...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLqO9ARlIAbaAYpla0AElfQk_WeMzAhnK04ADjvP3WkpKzLHCnNbk9JAZz3HwcPHOivuMyEV5hdci9DezqF3xhBmgFb3T3S7Q&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLqO9ARlIAbaAYpla0AElfQk_WeMzAhnK04ADjvP3WkpKzLHCnNbk9JAZz3HwcPHOivuMyEV5hdci9DezqF3xhBmgFb3T3S7Q&google_hm=
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:34 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLqO9ARlIAbaAYpla0AElfQk_WeMzAhnK04ADjvP3WkpKzLHCnNbk9JAZz3HwcPHOivuMyEV5hdci9DezqF3xhBmgFb3T3S7Q&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Tue, 09 Nov 2021 14:36:34 GMT
attr
cm.g.doubleclick.net/pixel/ Frame B004 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LE7hKWUW6D1jplF3PhMwksrmvxvGfxIPKl-Ip2R56SqES6DW9CWBagZ-hH-eB-KnM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=2335273045&adk=2182005794&adf=3003258557&pi=t.ma~as.2335273045&w=1110&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992436&bpp=3&bdt=639&idt=293&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=390&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XeuuVj2bPb&p=https%3A//ans-wer.com&dtd=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
CTA_blanc.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 9A23 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/CTA_blanc.png?1607440627338
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
868295bb1ecfe7de3f367b2836344af8ca73478c6b5fa70591572fb29c50eda9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
477415
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1330
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 14:10:37 GMT
server
sffe
date
Fri, 05 Nov 2021 01:59:39 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 05 Nov 2022 01:59:39 GMT
6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
pagead2.googlesyndication.com/bg/ Frame E242 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=2335273045&adk=2182005794&adf=3003258557&pi=t.ma~as.2335273045&w=1110&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992436&bpp=3&bdt=639&idt=293&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=390&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XeuuVj2bPb&p=https%3A//ans-wer.com&dtd=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:19:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
1029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13451
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 14:19:25 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9815
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
158 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=9858539845&adk=2589358256&adf=2987917308&pi=t.ma~as.9858539845&w=730&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992439&bpp=1&bdt=641&idt=413&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=405&ady=1394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JbakzaTjtN&p=https%3A//ans-wer.com&dtd=416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 10 Nov 2021 14:36:34 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 10 Nov 2021 14:36:34 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 10 Nov 2021 14:36:34 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
pagead2.googlesyndication.com/bg/ Frame 9A23 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:19:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
1029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13451
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 14:19:25 GMT
userconnect
ih.adscale.de/ Frame EC7A 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1636554994392&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.169.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-169-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:34 GMT
content-length
149
content-type
application/javascript
logo1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 9A23 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/logo1.png?1607440627338
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d50d00c4738db2e3744ec44d948362eac945b8f958e0094ec71ab9ad6e9c448
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
510455
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 14:10:37 GMT
server
sffe
date
Thu, 04 Nov 2021 16:48:59 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Nov 2022 16:48:59 GMT
w_480_00001.ts
video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883863/vid611390333d0e7901875086.mp4/ 		323 KB
324 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883863/vid611390333d0e7901875086.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.237.97.240 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
1cbf5ca6dde1f0a5e8fa9afbe430179eb4904c1f6c344222273d6c382fc50321

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:34 GMT
via
1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8675.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
330880
last-modified
Wed, 18 Aug 2021 04:09:12 GMT
server
Tengine
etag
"ec550048dfead52efd94db2188f87bff"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
oJ4vnRi7HccrPICtLlalWBwWS6Y_GeRYyMsGQVLMjXhkpAlq8foE8w==
expires
Wed, 24 Nov 2021 14:36:34 GMT
embed.vendors~ondemand.horizon-web.en-js.b7421551ee3ebed56e9a.js
platform.twitter.com/embed/ Frame 994A 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.b7421551ee3ebed56e9a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.5b28e1eb2ce7e3cfb96b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
95c423bf8171e23d66d1b74a7f5bd90ad1806e8a3bea717280f9d71577389230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1438187705792286721&lang=en&origin=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&sessionId=9f01c1a2f0acf13e35acad40424c6265e4ac292f&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/6725)
Age
54037
Etag
"243d823d043564092099acd4323c5b02+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
9316
embed.ondemand.i18n.en-js.f16741b6fb21a128fd90.js
platform.twitter.com/embed/ Frame 994A 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.f16741b6fb21a128fd90.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.5b28e1eb2ce7e3cfb96b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67DF) /
Resource Hash
bab164d85e467a11e91cec9a64238e29bc0e5b0d6d8c107ebe2a4f19a7e99ac3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1438187705792286721&lang=en&origin=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&sessionId=9f01c1a2f0acf13e35acad40424c6265e4ac292f&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/67DF)
Age
54035
Etag
"9f3c8a5e2dd560ec891c95f951f5617c+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
1766
new
ads3.admatic.com.tr/user/ Frame 1F44 		146 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user/new
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
c45bc8dfafa975678f500791344090e7ae7f0d684f9d89f602a54b83f9fa3488

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:34 GMT
content-encoding
br
etag
Ew-SA7LaLdcQgzMPjtWgTjQMd_ujGtp-MJRzVyQ5sZFoBE1gBVSkoZTlEJyqps_660L1E9iVQdn8NVfN0DaZ0w
last-modified
Wed, 10 Nov 2021 15:36:35 GMT
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
150
logo2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 9A23 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/logo2.png?1607440627338
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b6ec53515b953bbff9ea96a60b97745b030ac091126917f4cda407ab98ee2c9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
429207
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1422
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 14:10:37 GMT
server
sffe
date
Fri, 05 Nov 2021 15:23:07 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 05 Nov 2022 15:23:07 GMT
map
ih.adscale.de/ Frame 0D75 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.169.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-169-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
759afbadab3b1a382fe3566cd52d4201d677fe56483e3b91a8bc869e63a5f715

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2702
csync
sync.console.adtarget.com.tr/ Frame 1F44 		0
0
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
c
prebid.a-mo.net/a/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Wed, 10 Nov 2021 14:36:35 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://ans-wer.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_desktop_atf_728x90&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
f805966fbde21b024d9cb0b0efdf0a004ca103924554b856f79c09b00fc6eaf7

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
hb
ssc.33across.com/api/v1/ 		64 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cp_RFGzV0r64onaKjGFx_2
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
e19058d1808e999e23b81bd027767152e89e7e7996b480c192e61bf6283abd48

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
cygnus
htlb.casalemedia.com/ 		24 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201336&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227a9ff4fd9cf1d6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2233550408-bd18-4c2e-af2d-417206d04e39%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-10T14%3A36%3A33%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2283f3149876cb67%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201336%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.186.99 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-186-99.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2715c70e3e6ab72ef6f8523f2140db3ccea58a1f886af71c324b9c8d0f2ff0f6

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[BY], CN:[EU], CIP:[168.119.25.197], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ans-wer.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
12
expires
Wed, 10 Nov 2021 14:36:35 GMT
trinity.json
apex.go.sonobi.com/ 		95 B
730 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22107530e7a0d1016%22%3A%224038e93c4d4c13bc38d7%7C728x90%7Cgpid%3D%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDH.A%22%7D&ref=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&s=a48ee470-66de-44e4-9f19-cb77ad0a0dd1&pv=77f2f991-62b6-4e6f-9f37-601250581fe3&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
ae77671c59ac28f7b1e4d10631c728f55e572b09374a29c5ecd73c388e0b94e7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:35 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-128
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		1 KB
812 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f9fab46dac176d955438470fe4f06ca78a04a280c1588abfc721653004747e19

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
v1
dmx.districtm.io/b/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
cf-ray
6ac0038f5b054e97-FRA
access-control-allow-headers
Content-Type, Origin
bid
ap.lijit.com/rtb/ 		94 B
739 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
185bd5f746812c69f0e142170c407c75c676a11d972720770af0f5f27af57c97

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 10 Nov 2021 14:36:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
96
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=210385&pi=3&bf=728x90&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=null&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
08047be20a188410d267825802b2b12782350d8648fc11de6f917a49edf057f3

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://ans-wer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
prebid_display
display.bfmio.com/ 		138 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.182.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-182-4.compute-1.amazonaws.com
Software
/
Resource Hash
644ff5d08a1090e4f9bb773256daf3fbc999f601b3ea436e51eb9ed0a54cc827
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
prebid
ib.adnxs.com/ut/v3/ 		139 B
971 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
40a3112a7b9385055a9e4916d570fd0ae13f949d05a07d6717eed92f984c4203
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:35 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
055bcccd-b72d-4efb-bc21-380b5526db91
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-7ec948d8-0774-4a3c-ae4c-b76d7b858b4f%22%2C%22callback_id%22%3A%2226b0b3802d6333%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222675474378266714249%22%7D%5D&page_url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&bust=1636554994674&pr=&scrd=1&dnt=false&description=Learn%20About%20Arazou%20Baker%20From%20Cinderella%3F%20Know%20About%20Her%20Age%20Role%20Family%20Boyfriend%20%26%20Instagram.%20She%20Is%20an%20Actress%20From%20Cinderella.&title=Who%20is%20Arazou%20Baker%20From%20Cinderella%3F%20Meet%20her%20Family%20Boyfriend%20%26%20Instagram.&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.8.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-8-42.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
arj
bloggernetwork-d.openx.net/w/1.0/ 		171 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f3fc94e3-513e-4b20-a3c4-71dcb025bc1d&nocache=1636554994675&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&aus=728x90&divids=mmt-7ec948d8-0774-4a3c-ae4c-b76d7b858b4f&aucs=&auid=543962366
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
9d4126542d42beca45e02d3d00a024db3575288d6c11136418ab6073240240a3

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ans-wer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&pid=PKiivMzMUwXji&cb=0&ws=1600x1200&v=7.70.0&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-7ec948d8-0774-4a3c-ae4c-b76d7b858b4f%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDH.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
XZZ8BQ6DQSY4ETXPDSS0
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
7_ADbZnH_EJ872OB9VAmKBKdhzKSbbd9w2gcKPXDeoqMlYZiTWWlUg==
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
bid
ap.lijit.com/rtb/ 		93 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
cbb94504b764679d5ce207066f9bd9965901ddbcc349a087d5fc9cbc6e635f73

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 10 Nov 2021 14:36:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
prebid
prebid.media.net/rtb/ 		1 KB
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
39027d4e1b8ef8fdcf8f914482e096299e1a06be67ff452e4087a9557489b5ba

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cp_RFGzV0r64onaKjGFx_2
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
c49e22577223b5b2d10dc43c512e40be04b9051d4adbd285443cd05d2b9c0055

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
c
prebid.a-mo.net/a/ 		0
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Wed, 10 Nov 2021 14:36:35 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://ans-wer.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
cygnus
htlb.casalemedia.com/ 		25 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201336&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22422b76badc8f76a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2233550408-bd18-4c2e-af2d-417206d04e39%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-10T14%3A36%3A33%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22437c59c38842cac%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201336%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224495cfc385c122b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2245c5450059a6e97%22%2C%22ext%22%3A%7B%22siteID%22%3A%22209362%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.186.99 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-186-99.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
329cffc67d8dbf749294b384386a369cd931ac4d975500f231aaed1533921474

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[BY], CN:[EU], CIP:[168.119.25.197], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ans-wer.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Wed, 10 Nov 2021 14:36:35 GMT
prebid_display
display.bfmio.com/ 		138 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.182.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-182-4.compute-1.amazonaws.com
Software
/
Resource Hash
398e9cb5602e6f37d54bd7eb4c776aac1fb77d8c0c06252610fdbeed33958157
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
146
prebid
ads.yieldmo.com/exchange/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-330e9471-5e1b-4650-825c-234a6edc2c08%22%2C%22callback_id%22%3A%2249376740936872%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B300%2C250%5D%2C%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%222675474378266714249%22%7D%5D&page_url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&bust=1636554994691&pr=&scrd=1&dnt=false&description=Learn%20About%20Arazou%20Baker%20From%20Cinderella%3F%20Know%20About%20Her%20Age%20Role%20Family%20Boyfriend%20%26%20Instagram.%20She%20Is%20an%20Actress%20From%20Cinderella.&title=Who%20is%20Arazou%20Baker%20From%20Cinderella%3F%20Meet%20her%20Family%20Boyfriend%20%26%20Instagram.&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.8.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-8-42.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_desktop_atf_728x90&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
233eaac1ee57c815db801c190b985f2e9f5bd747cf3e354ed70b9ce9751797c2

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_desktop_atf_300x250&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
b297960f83adcc0a41c0062070e402daa9123a5f0ed1df4a8db4701b518d6fab

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_mobile_atf_320x50&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7041436e10abd57cb77c0aa944baf93412725267e32a5945a3073d1b6d7a3c94

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=210380&pi=3&bf=728x90%2C300x250%2C320x50&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=null&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a3ab67ceb5db4ecd80fcc5dfb7458477c984e8c095aa697a8c4ac63d068173cd

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://ans-wer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=210385&pi=3&bf=728x90%2C300x250%2C320x50&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=null&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f84a3efdb0527c8fb26ca2112da7d88dfd6b921659093c6c8b693328c384b09d

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://ans-wer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.104.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-104-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:35 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.104.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-104-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:35 GMT
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		139 B
971 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
083e383463e978715150d2af013199b309c0d74500627586279ec4da6622605e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:35 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
921db1b1-5807-4457-813d-7de6a10e9f08
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
dmx.districtm.io/b/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
cf-ray
6ac0038f5b094e97-FRA
access-control-allow-headers
Content-Type, Origin
arj
bloggernetwork-d.openx.net/w/1.0/ 		173 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a6e029d4-790f-47a6-8416-5874f6371756&nocache=1636554994698&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&aus=728x90%2C300x250%2C320x50&divids=mmt-330e9471-5e1b-4650-825c-234a6edc2c08&aucs=&auid=543962366
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
51bab4844ef79cffeb8629faabecd5939ab16571f3997cdaec1f66d73394345f

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ans-wer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		116 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22719cda0feb61b45%22%3A%22dcc4cd9596e80d497120%7C728x90%2C300x250%2C320x50%7Cgpid%3D%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDI.A%22%2C%2272132bed2a792e9%22%3A%224038e93c4d4c13bc38d7%7C728x90%2C300x250%2C320x50%7Cgpid%3D%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDI.A%22%7D&ref=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&s=32c76e6e-286f-4dd8-a856-eb4a164d9bd2&pv=77f2f991-62b6-4e6f-9f37-601250581fe3&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
e330488371fa814fd6c4d2d98f6b185dc2f59b136c46a3cce6016fa8b5ca3ed6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:35 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
141
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&pid=PKiivMzMUwXji&cb=1&ws=1600x1200&v=7.70.0&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-330e9471-5e1b-4650-825c-234a6edc2c08%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDI.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
R3N3ENCAWXVSJTYZ8SP4
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
9llM6zEloZcSv3wSvv8sYr9nWXcRiz_vUq6adGbnfgCvohhii8ocJw==
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&pid=PKiivMzMUwXji&cb=2&ws=1600x1200&v=7.70.0&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-330e9471-5e1b-4650-825c-234a6edc2c08.2%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDI.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
9E7GWXA0KMGKWM0YHYYH
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
hq8scMHPybjvDeAZFRiCg13SkC0In8BSKi8nx23yv077kxHz5BTAOg==
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&pid=PKiivMzMUwXji&cb=3&ws=1600x1200&v=7.70.0&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-330e9471-5e1b-4650-825c-234a6edc2c08.3%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDI.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
X6TRHKBMHJTVXYV4ZZWN
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
3LGuxBI7P3P7hrddlJYuzYcIcWbzrsXcOVrcxJfkfC4JVqdJeVG43Q==
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&pid=PKiivMzMUwXji&cb=4&ws=1600x1200&v=7.70.0&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-330e9471-5e1b-4650-825c-234a6edc2c08.4%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDI.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
J29GA5JTWYTRVPTRWHNA
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
JOwqSHnPM7D_cpzGdl5mCCGxoZjX3DBH6mGHemMJOVv-J2fXL9Aihg==
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&pid=PKiivMzMUwXji&cb=5&ws=1600x1200&v=7.70.0&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-330e9471-5e1b-4650-825c-234a6edc2c08.5%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDI.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
1YAXQ0808JWAE5GCHX4F
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
17-4_djT26H6nQVn4fdq5ADmI8rmhrNF2kNurTTgtaFfbK-R_JHRIg==
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&pid=PKiivMzMUwXji&cb=6&ws=1600x1200&v=7.70.0&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-d8b1bd4a-b072-4974-8f17-086ac3117e3f%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDT.D%22%7D%5D&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
5VYJVPZJ53TBCMB5XVPK
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
bzHHV2A1OsgUEtE2aveDMWu1TESusNbRRw00SrRJb-i5kWMZN65Oww==
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&pid=PKiivMzMUwXji&cb=7&ws=1600x1200&v=7.70.0&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-330e9471-5e1b-4650-825c-234a6edc2c08.6%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDI.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
X8GFPE47FRNYTMY75ASS
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
lDNMN8UdJo9J9YiUXvfMcfmuunSYHNiCCZ70dGwJ7O862Xcaw0vIGw==
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&pid=PKiivMzMUwXji&cb=8&ws=1600x1200&v=7.70.0&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-330e9471-5e1b-4650-825c-234a6edc2c08.7%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDI.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
c905a799c91593b68a840f7aae0bd411b7f0d2d475c8f5f5a780d54018fb61b8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
00B8T4K14NB04FMRZNV2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
OVpXEAT11d7Uius9jLtTkxT5kLs1vouHbOTUeHVnwt3H_nh6hzqeEg==
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&pid=PKiivMzMUwXji&cb=9&ws=1600x1200&v=7.70.0&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-05200a9e-ccdd-448e-94fd-9ec5141ce8b0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDP.B%22%7D%5D&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
4b8f230af668f20a7b50021f1edb1fac1c96cab1aa576933a2064e5d7807179b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
8FE23SVJ5BVJDH4M3K4K
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
l1HcByxzdDkavUedQPPul6D7ZN_gdwf837SyF0Wqvmxbz8OvA0qHrA==
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		24 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&pid=PKiivMzMUwXji&cb=10&ws=1600x1200&v=7.70.0&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-111165fb-6e5c-4d9b-b6db-c20fe655e05e%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDR.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
b84677c9d507861ede2db86349957b3fff926d3857fb11595ab96d8866314798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
EJX24V41PTH2W7BWEGGD
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
24
x-amz-cf-id
6ze-GnUs6c_CqGOuIEi7erXWeJKv4AfVYIPK-bXWEUnV5szvr9tgSw==
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		24 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&pid=PKiivMzMUwXji&cb=11&ws=1600x1200&v=7.70.0&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-a386f327-150c-4f03-aad8-abba9fad828e%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDA.C%22%7D%5D&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
843ca27aa5a55f23f36493f7a6c93bd16bae165e07e4be441ea45723b586eae2
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
NHPSCDKNSY07SMKKBJFS
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
24
x-amz-cf-id
GYtFrq8fGAlNm7kuq-N-79d5vS7hX0MbjL0k-wrBo-wj-t65Qv2zoA==
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Wed, 10 Nov 2021 15:36:35 GMT
mmt.gif
imps.monu.delivery/ 		37 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=s.d&u=7ec948d8-0774-4a3c-ae4c-b76d7b858b4f
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1680
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=s.d&u=330e9471-5e1b-4650-825c-234a6edc2c08
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1680
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=s.d&u=d8b1bd4a-b072-4974-8f17-086ac3117e3f
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1680
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=s.d&u=05200a9e-ccdd-448e-94fd-9ec5141ce8b0
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1680
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=s.d&u=111165fb-6e5c-4d9b-b6db-c20fe655e05e
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1680
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=s.d&u=a386f327-150c-4f03-aad8-abba9fad828e
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1680
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
tableau1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 9A23 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/tableau1.jpg?1607440627338
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7551a858fe76234c54c69dbecee02fab2bd31ef2a3de1f9a7f1d15fa54ed0b66
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
557796
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15673
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 14:10:37 GMT
server
sffe
date
Thu, 04 Nov 2021 03:39:59 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Nov 2022 03:39:59 GMT
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js
platform.twitter.com/embed/ Frame 994A 		383 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.5b28e1eb2ce7e3cfb96b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A8) /
Resource Hash
7abdd47254800f35ffef0fc434fa7fcf432e13651b27670b2e6f8e08143d4b00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1438187705792286721&lang=en&origin=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&sessionId=9f01c1a2f0acf13e35acad40424c6265e4ac292f&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/67A8)
Age
54038
Etag
"28a37f9b17808aa66f17b1c227be059e+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
96013
embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js
platform.twitter.com/embed/ Frame 994A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.5b28e1eb2ce7e3cfb96b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) /
Resource Hash
0e8670554443313b972c10ae1a34baeb408d060fc5e82c6a358f77d7e98dd15e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1438187705792286721&lang=en&origin=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&sessionId=9f01c1a2f0acf13e35acad40424c6265e4ac292f&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/6711)
Age
54038
Etag
"c247e426d2ec154064a87aaff54defce+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5857
embed.ondemand.Tweet.491eda648dcd5ba41f52.js
platform.twitter.com/embed/ Frame 994A 		66 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.491eda648dcd5ba41f52.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.5b28e1eb2ce7e3cfb96b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67DF) /
Resource Hash
ad08bd3100213ec0dee3b3dc030401d6d98c9e61f5719e6296ed7cbdc6ea3588

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1438187705792286721&lang=en&origin=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&sessionId=9f01c1a2f0acf13e35acad40424c6265e4ac292f&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/67DF)
Age
54038
Etag
"a7263afbfe059e9c928fa468a7e9ab79+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
15943
match.js
js.adscale.de/ Frame 0D75 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:c600:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
W45rlDeWL8PXDy4iY0S6qO_sV6.J9qbV
content-encoding
gzip
last-modified
Wed, 10 Nov 2021 09:55:04 GMT
server
AmazonS3
age
2488
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Wed, 10 Nov 2021 13:55:08 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
6VMHuMKoJjX6PoEt05nUCxZb_8TUlXRrT9PDZjNa5VtrUxAm5-0QQw==
tableau10.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 9A23 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/tableau10.jpg?1607440627338
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc355d7d52b9b712f88e6e4142f729dd29f946b81a0054926ed97dfcdc1bf0c7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
429208
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33378
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 14:10:37 GMT
server
sffe
date
Fri, 05 Nov 2021 15:23:07 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 05 Nov 2022 15:23:07 GMT
img
ih.adscale.de/sium/20da2d6b88c24b548b9cb4016fe36a90/1636554995026/0/ Frame 0D75
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=8e764321958a4acab0c667c0d20c11d8&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F20da2d6b88c24b548b9cb4016fe36a90%2F1636554995026%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/20da2d6b88c24b548b9cb4016fe36a90/1636554995026/0/img?tpid=101&tpuid=BBID-01-03112689953354196-16442748
49 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/20da2d6b88c24b548b9cb4016fe36a90/1636554995026/0/img?tpid=101&tpuid=BBID-01-03112689953354196-16442748
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.196.169.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-169-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 10 Nov 2021 14:36:35 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/20da2d6b88c24b548b9cb4016fe36a90/1636554995026/0/img?tpid=101&tpuid=BBID-01-03112689953354196-16442748
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
tableau2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 9A23 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/tableau2.jpg?1607440627338
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa499ff4ba1b9bad1be1a4a6fe3527d487897cfa4aba3db7d930272f17b7a26a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
555210
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19080
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 14:10:37 GMT
server
sffe
date
Thu, 04 Nov 2021 04:23:05 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Nov 2022 04:23:05 GMT
tweet
cdn.syndication.twimg.com/ Frame 994A 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_space_card%3Aoff&id=1438187705792286721&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f / Express
Resource Hash
abc633bf1e7034d2bfabdd85067ae44c0d5864aed8fc5354997bdfeda9db54ff
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"ae1-WgedQHL0NEyOQVpUTiZPJrWKLog"
x-powered-by
Express
access-control-allow-methods
GET
strict-transport-security
max-age=631138519
x-xss-protection
0
x-response-time
156
server
tsa_f
x-frame-options
SAMEORIGIN
date
Wed, 10 Nov 2021 14:36:35 GMT
vary
Origin, Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
7465665237bae78a23f159744676c9e4bbdf0c0e88a60c121c21ebb735f308fe
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
tableau3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 9A23 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/tableau3.jpg?1607440627338
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b3d91c90f14fdb7cc9307b363a77a859bbe6c55edae87d6e5604d4bd5118c52
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
119030
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7465
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 14:10:37 GMT
server
sffe
date
Tue, 09 Nov 2021 05:32:45 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 09 Nov 2022 05:32:45 GMT
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		32 B
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
22c1bc19a8d31d025d5e765449483e3c25c322c0400d91ba295d5f5c735c6e56

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
via
1.1 google
server
nginx
content-type
application/octet-stream
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
alt-svc
clear
content-length
32
trinity.json
apex.go.sonobi.com/ 		116 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2283e4465d8dee7fe%22%3A%22dcc4cd9596e80d497120%7C728x90%2C300x250%2C320x50%7Cgpid%3D%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDI.A%22%2C%2284d8cf7b19a1858%22%3A%224038e93c4d4c13bc38d7%7C728x90%2C300x250%2C320x50%7Cgpid%3D%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDI.A%22%7D&ref=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&s=a98c0e78-9222-42a7-9126-f5e1e901451b&pv=77f2f991-62b6-4e6f-9f37-601250581fe3&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
703fd6a2e5941d2cbea28cd7a0bc3ba21caf958465df2ffd2139bd2fcd652611
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:35 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
141
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
imp
g2.gumgum.com/hbid/ 		1 KB
1004 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=6266c03a-cc0f-4864-b10a-8b838c589d71&si=210380&pi=3&bf=728x90%2C300x250%2C320x50&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=null&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f84a3efdb0527c8fb26ca2112da7d88dfd6b921659093c6c8b693328c384b09d

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://ans-wer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		468 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=6266c03a-cc0f-4864-b10a-8b838c589d71&si=210385&pi=3&bf=728x90%2C300x250%2C320x50&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=null&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
802521799afe125e241150350f91ae5f68127cf284d14f20295f8a78073611fd

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://ans-wer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
cf-ray
6ac00390be1b4e97-FRA
access-control-allow-headers
Content-Type, Origin
c
prebid.a-mo.net/a/ 		0
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Wed, 10 Nov 2021 14:36:35 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://ans-wer.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
prebid
ads.yieldmo.com/exchange/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-330e9471-5e1b-4650-825c-234a6edc2c08.2%22%2C%22callback_id%22%3A%2293b0015f4ff1881%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B300%2C250%5D%2C%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%222675474378266714249%22%7D%5D&page_url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&bust=1636554994923&pr=&scrd=1&dnt=false&description=Learn%20About%20Arazou%20Baker%20From%20Cinderella%3F%20Know%20About%20Her%20Age%20Role%20Family%20Boyfriend%20%26%20Instagram.%20She%20Is%20an%20Actress%20From%20Cinderella.&title=Who%20is%20Arazou%20Baker%20From%20Cinderella%3F%20Meet%20her%20Family%20Boyfriend%20%26%20Instagram.&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.8.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-8-42.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.104.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-104-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:35 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.104.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-104-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:35 GMT
access-control-allow-credentials
true
vary
Origin
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_desktop_atf_728x90&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
b5af9adb017cd8c388bd5cbd7b8c2f0c4d02dd8beea1dc8c4ae5145796493944

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_desktop_atf_300x250&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
cf9df46c4d630a6c608d212912145418ceb801d14e45c495ce0f68e1a522057c

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_mobile_atf_320x50&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6548b823e164b41fdeb2484a368c78e513604e98b41b635bbdaea71bb0c64e24

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
hb
ssc.33across.com/api/v1/ 		67 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cp_RFGzV0r64onaKjGFx_2
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
11c461cd2218a7b63c653199786d107a4cd79321933c8aa24656765b2f75487d

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bid
ap.lijit.com/rtb/ 		95 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
7838b7c81d71cdf46326ba9a1ad9ef32939487acfcbeace19cf4dfb7913cb1f0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 10 Nov 2021 14:36:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
arj
bloggernetwork-d.openx.net/w/1.0/ 		173 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ca312a24-06e9-483c-b9c9-98e20b8648fc&nocache=1636554994926&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&aus=728x90%2C300x250%2C320x50&divids=mmt-330e9471-5e1b-4650-825c-234a6edc2c08.2&aucs=&auid=543962366
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
ec9954727be305155232fca67e6212fd682af776cd9f0e94db63861b1061f3ab

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ans-wer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid_display
display.bfmio.com/ 		138 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.182.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-182-4.compute-1.amazonaws.com
Software
/
Resource Hash
baa52c80da6c89649ec842971cc1bee11c4b031db8eb704b80e6e910d18d876a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
cygnus
htlb.casalemedia.com/ 		26 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201336&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22111b6f04bdf17e9c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2233550408-bd18-4c2e-af2d-417206d04e39%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-10T14%3A36%3A33%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22112ffef63619d756%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201336%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221138db26d895ac3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221146521d82ef9df9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22209362%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.186.99 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-186-99.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
89f1555e246c7679e3060e250a5b8f93c851f80c11ef5dd135032012a72824da

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[BY], CN:[EU], CIP:[168.119.25.197], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ans-wer.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
46
x-ak-client-geo
12
expires
Wed, 10 Nov 2021 14:36:35 GMT
prebid
ib.adnxs.com/ut/v3/ 		140 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e6744a4dc36266a1f5c7ed9b3b9b3fb664a695b6ac7b8304785185e0826d66e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:35 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
437887a9-fec4-436d-8516-726e54a65ad2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ups.analytics.yahoo.com/ups/57304/ Frame C34F
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP9b0a1fd4-4233-11ec-9c8c-06f28f52458a
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP9b0a1fd4-4233-11ec-9c8c-06f28f52458a&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA5YjBhMWZkNC00MjMzLTExZWMtOWM4Yy0wNmYyOGY1MjQ1OGE%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEDcAydqIcqMeIpu6afo3CQE&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDcAydqIcqMeIpu6afo3CQE&google_cver=1&apid=UP9b0a1fd4-4233-11ec-9c8c-06f28f52458a
0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDcAydqIcqMeIpu6afo3CQE&google_cver=1&apid=UP9b0a1fd4-4233-11ec-9c8c-06f28f52458a
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDcAydqIcqMeIpu6afo3CQE&google_cver=1&apid=UP9b0a1fd4-4233-11ec-9c8c-06f28f52458a
date
Wed, 10 Nov 2021 14:36:35 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55953/ Frame C34F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=33550408-bd18-4c2e-af2d-417206d04e39&_origin=1&gdpr=1&gdpr_consent=
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=33550408-bd18-4c2e-af2d-417206d04e39&_origin=1&gdpr=1&gdpr_consent=
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=33550408-bd18-4c2e-af2d-417206d04e39&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
sync
pixel.advertising.com/ups/55986/ Frame C34F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_...
  • https://pixel.advertising.com/ups/55986/sync?uid=YYvY8wADhPvA_AAz&_origin=0&gdpr=1&gdpr_consent=&_test=YYvY8wADhPvA_AAz
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55986/sync?uid=YYvY8wADhPvA_AAz&_origin=0&gdpr=1&gdpr_consent=&_test=YYvY8wADhPvA_AAz
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Server
18.194.17.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-17-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
via
1.1 varnish
server
Varnish
x-timer
S1636554995.487450,VS0,VE0
x-served-by
cache-fra19168-FRA
x-cache
HIT
location
https://pixel.advertising.com/ups/55986/sync?uid=YYvY8wADhPvA_AAz&_origin=0&gdpr=1&gdpr_consent=&_test=YYvY8wADhPvA_AAz
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tableau4.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 9A23 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/tableau4.jpg?1607440627338
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39be389adf8d58efa1896ebdb2c6e4a24ceb50c666fc73e2ab2f3b55433a9d0c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
229814
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5112
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 14:10:37 GMT
server
sffe
date
Sun, 07 Nov 2021 22:46:21 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 07 Nov 2022 22:46:21 GMT
w_480_00002.ts
video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883863/vid611390333d0e7901875086.mp4/ 		362 KB
363 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883863/vid611390333d0e7901875086.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.237.97.240 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
4287e18a4d6b37bd78b8905c2e2203a17e95414bf17893cbc5ec91327ad00638

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
via
1.1 6b80baad32f8613177677e407ad0a99b.cloudfront.net (CloudFront)
x-amz-cf-pop
OTP50-C1
content-length
371112
last-modified
Wed, 18 Aug 2021 04:09:12 GMT
server
Tengine
etag
"3eebd353123553323ae11b774bebd981"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
COjNE6WOOakZS_9BJrarNwEAH8zD6iywW6BUkLecWpeLA9JAHddSOg==
expires
Wed, 24 Nov 2021 14:36:35 GMT
tableau5.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 9A23 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/tableau5.jpg?1607440627338
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efb6343cf6b0259bf7980f13c8d6b7aec22787e269f02e79f67ff9232d8d826a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
510459
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4006
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 14:10:37 GMT
server
sffe
date
Thu, 04 Nov 2021 16:48:56 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Nov 2022 16:48:56 GMT
tableau6.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 9A23 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/tableau6.jpg?1607440627338
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df0ca7fc3a27a1455577229c3d03a0cd6037954539ec403515f70c75f32efd54
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
555210
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18456
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 14:10:37 GMT
server
sffe
date
Thu, 04 Nov 2021 04:23:05 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Nov 2022 04:23:05 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 0D75
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=d3bfd47819b750e0df38332...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=0&gdpr_consent=
49 B
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.196.169.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-169-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 10 Nov 2021 14:36:35 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x15 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 10 Nov 2021 14:36:34 GMT
tableau7.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 9A23 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/tableau7.jpg?1607440627338
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1bbe7b17924cea5a310139b17b89f434a664e1921566dfc7cf2b3627e496568
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
477401
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8171
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 14:10:37 GMT
server
sffe
date
Fri, 05 Nov 2021 01:59:54 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 05 Nov 2022 01:59:54 GMT
tableau8.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 9A23 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/tableau8.jpg?1607440627338
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9f3f5a9f9af6eac95e29484050e568d516f50ba1999c49d06bbb3d753492f38
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
594380
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4915
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 14:10:37 GMT
server
sffe
date
Wed, 03 Nov 2021 17:30:15 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 03 Nov 2022 17:30:15 GMT
tableau9.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 9A23 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/tableau9.jpg?1607440627338
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbffbe1b980722af33cb630f70cf0c484aa1ffc4be4b58559d7c9afa6adc96ac
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
518436
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4138
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 14:10:37 GMT
server
sffe
date
Thu, 04 Nov 2021 14:35:59 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Nov 2022 14:35:59 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_desktop_atf_728x90&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
b8e8c3b7d9ae201b53537380c6e404e46df443965abbc46528ccdfc20f834bea

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_desktop_atf_300x250&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
0114c91c84e5095578374c18f2c0bb6f8be2e4fac90429f1cecd0cfcd7867817

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_mobile_atf_320x50&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
679c86f847189eabb50f1010443347129c1593d0f1a773e99469f8a7d4f51d0b

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.104.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-104-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:35 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.104.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-104-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:35 GMT
access-control-allow-credentials
true
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
imp
g2.gumgum.com/hbid/ 		1 KB
1006 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=6266c03a-cc0f-4864-b10a-8b838c589d71&si=210380&pi=3&bf=728x90%2C300x250%2C320x50&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=null&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e49e1c38c91448b1c10a62b94f3a1a60a7fbf1d1ff9fba9ce12c47937694242a

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://ans-wer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1003 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=6266c03a-cc0f-4864-b10a-8b838c589d71&si=210385&pi=3&bf=728x90%2C300x250%2C320x50&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=null&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
792d1dcbaa1fe5a471d558ab1b5c35954584594d2c3c53a322800680407fa199

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://ans-wer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
prebid_display
display.bfmio.com/ 		138 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.182.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-182-4.compute-1.amazonaws.com
Software
/
Resource Hash
682ae8ef6ab138e29eb35b4bc4ba8e0e7c0f7c952e96f3d565f05bb19c114c03
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
prebid
prebid.media.net/rtb/ 		1 KB
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1d08ab7226167fe53e012690263a0d1d1c068c4e4c48680281b0614eac66676e

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
arj
bloggernetwork-d.openx.net/w/1.0/ 		173 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d3483693-eb49-4b48-816c-9c1412ee69c6&nocache=1636554995006&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&aus=728x90%2C300x250%2C320x50&divids=mmt-330e9471-5e1b-4650-825c-234a6edc2c08.3&aucs=&auid=543962366
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
ad47f6ce66130cbec8c261f9aa05597388af825b08a996fa2cb66ba061bea51d

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ans-wer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Wed, 10 Nov 2021 14:36:34 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://ans-wer.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
bid
ap.lijit.com/rtb/ 		95 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
9988dc6e65f149676126ee08899d1bb5d510262c0eddbd6a451112ac9e2b581b

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 10 Nov 2021 14:36:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
prebid
ads.yieldmo.com/exchange/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-330e9471-5e1b-4650-825c-234a6edc2c08.3%22%2C%22callback_id%22%3A%22146818033cfebbab%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B300%2C250%5D%2C%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%222675474378266714249%22%7D%5D&page_url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&bust=1636554995008&pr=&scrd=1&dnt=false&description=Learn%20About%20Arazou%20Baker%20From%20Cinderella%3F%20Know%20About%20Her%20Age%20Role%20Family%20Boyfriend%20%26%20Instagram.%20She%20Is%20an%20Actress%20From%20Cinderella.&title=Who%20is%20Arazou%20Baker%20From%20Cinderella%3F%20Meet%20her%20Family%20Boyfriend%20%26%20Instagram.&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.8.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-8-42.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
ib.adnxs.com/ut/v3/ 		140 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
cb27c2c2cd15259148fe65257a32200ef899315d3694a6e7a2f3e39c1b500983
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:35 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8082b07d-fb62-4116-b2db-384dd24ff676
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		118 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221502356e80ea7309%22%3A%22dcc4cd9596e80d497120%7C728x90%2C300x250%2C320x50%7Cgpid%3D%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDI.A%22%2C%221513aa7975c6fb55%22%3A%224038e93c4d4c13bc38d7%7C728x90%2C300x250%2C320x50%7Cgpid%3D%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDI.A%22%7D&ref=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&s=0e053c60-b394-4650-a0d5-f2e40c39819d&pv=77f2f991-62b6-4e6f-9f37-601250581fe3&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
77a8224cb79798b9f7dc647e5489f5e5c135cf166767a2fe6b2d3528619b53a7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:35 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
143
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
cf-ray
6ac003915f1d4e97-FRA
access-control-allow-headers
Content-Type, Origin
hb
ssc.33across.com/api/v1/ 		67 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cp_RFGzV0r64onaKjGFx_2
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
3755ed82384ee666f8513b04e746cf1af60042f9cbc3cb4a074b4a85cbd0f5ac

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
cygnus
htlb.casalemedia.com/ 		26 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201336&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2215675a2d35f6ae74%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2233550408-bd18-4c2e-af2d-417206d04e39%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-10T14%3A36%3A33%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221578a04848d46cc4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201336%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2215813e625d8801bf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22159f3c6ead4480ee%22%2C%22ext%22%3A%7B%22siteID%22%3A%22209362%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.186.99 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-186-99.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4f5503e15ade8df86139613533da8973c2fa47b6e50f4ebb708cce89852711e3

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[BY], CN:[EU], CIP:[168.119.25.197], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ans-wer.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
46
x-ak-client-geo
12
expires
Wed, 10 Nov 2021 14:36:35 GMT
txt1_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 9A23 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/txt1_1.png?1607440627338
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74d986f56c5ee88c038417c10d626e8e6ba182100c06a603c7c296cd69da328f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
108311
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3038
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 14:10:37 GMT
server
sffe
date
Tue, 09 Nov 2021 08:31:24 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 09 Nov 2022 08:31:24 GMT
w_480_00003.ts
video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883863/vid611390333d0e7901875086.mp4/ 		319 KB
320 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883863/vid611390333d0e7901875086.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.237.97.240 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
3ddace359b25abc19bbea2fe33998663f17b0ef3dc680f4ede85f3054f37759c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
via
1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
326556
last-modified
Wed, 18 Aug 2021 04:09:12 GMT
server
Tengine
etag
"c3f22f4bc99bbbbd448c30b47eaf5568"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
kgJt7qVxsz3r8WIsd2cvJAucnJmDWs_GKp9v5KuDcVrJXOD3L4RU7g==
expires
Wed, 24 Nov 2021 14:36:35 GMT
img
ih.adscale.de/sium/20da2d6b88c24b548b9cb4016fe36a90/1636554995026/0/ Frame 0D75
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F20da2d6b88c24b548b9cb4016fe36a90%2F1636554995026%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/20da2d6b88c24b548b9cb4016fe36a90/1636554995026/0/img?tpid=75&tpuid=4777276572329354755&gdpr=0
49 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/20da2d6b88c24b548b9cb4016fe36a90/1636554995026/0/img?tpid=75&tpuid=4777276572329354755&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.196.169.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-169-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:35 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 865.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8f91064d-1494-4bfa-8156-01b9652fe89c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/20da2d6b88c24b548b9cb4016fe36a90/1636554995026/0/img?tpid=75&tpuid=4777276572329354755&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
txt1_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 9A23 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/txt1_2.png?1607440627338
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ed69fe012de9255a0662c46691693c154011e9042e1adf56759921a1f4a38e9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
119052
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4437
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 14:10:37 GMT
server
sffe
date
Tue, 09 Nov 2021 05:32:23 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 09 Nov 2022 05:32:23 GMT
txt2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/ Frame 9A23 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14120992840229899163/images/txt2.png?1607440627338
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb853fa9d5b000b500c0e2e7c6968d2cc6c80897f9d671a8abd3a1a00e13fb4e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
477152
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2477
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 14:10:37 GMT
server
sffe
date
Fri, 05 Nov 2021 02:04:03 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 05 Nov 2022 02:04:03 GMT
w_480_00004.ts
video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883863/vid611390333d0e7901875086.mp4/ 		317 KB
318 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883863/vid611390333d0e7901875086.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.237.97.240 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
9c837ae4c99fbb46f841edb062970e45c16e648f8c4ecbc0c973328f5e394489

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
via
1.1 fd2233138aed760b9a691989eb6a3d9c.cloudfront.net (CloudFront)
x-amz-cf-pop
OTP50-C1
content-length
324488
last-modified
Wed, 18 Aug 2021 04:09:12 GMT
server
Tengine
etag
"494e3d88a4e4470f47981ed22b51a367"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
EgV3PXzxJbz0QP7x0Pc7CTMvHOQSZMYJ-eurHDrq69H2doWffFwDTA==
expires
Wed, 24 Nov 2021 14:36:35 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 0D75
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=d4d4326bedf0affa089aa556c...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YYvY8QGE8OpYyuYAqwdzdQAA%261160
49 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YYvY8QGE8OpYyuYAqwdzdQAA%261160
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.196.169.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-169-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YYvY8QGE8OpYyuYAqwdzdQAA%261160
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Wed, 10 Nov 2021 14:36:35 GMT
embed.ondemand.Card.5117a3c8f82ad8344d36.js
platform.twitter.com/embed/ Frame 994A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Card.5117a3c8f82ad8344d36.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.5b28e1eb2ce7e3cfb96b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6762) /
Resource Hash
ed9cbeab7ca99e761b557446f9756337755bf0d682edc4fbc17b24df3f22d412

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1438187705792286721&lang=en&origin=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&sessionId=9f01c1a2f0acf13e35acad40424c6265e4ac292f&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/6762)
Age
54037
Etag
"0f159d133f84ebd1135369c61d64dc45+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
845
1f451.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 994A 		1 KB
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f451.svg
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3916390d4395ed16641c0e23d5e5a1bef9de6ce71b02c3941c0ee6f2d899c806
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, HIT, x-tw-cdn;desc=FT
content-length
504
etag
"mP6c3sK/je14Knvx4wK2ZA=="
x-served-by
cache-fty21331-FTY, cache-fra19134-FRA
last-modified
Wed, 21 Feb 2018 22:30:55 GMT
date
Wed, 10 Nov 2021 14:36:35 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Wed, 15 Jun 2022 07:09:18 GMT
1f64b-1f3fd-200d-2640-fe0f.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 994A 		1 KB
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f64b-1f3fd-200d-2640-fe0f.svg
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dde183cd4b72d8e2354167f3b4e3c0240d6597139599fe37b559849195ff3306
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, HIT, x-tw-cdn;desc=FT
content-length
596
etag
"ecRIqQgl/IcDNNLm7Z8m0Q=="
x-served-by
cache-fty21373-FTY, cache-fra19134-FRA
last-modified
Wed, 21 Feb 2018 22:31:10 GMT
date
Wed, 10 Nov 2021 14:36:35 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Sat, 24 Sep 2022 07:12:52 GMT
1f448-1f3fd.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 994A 		571 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f448-1f3fd.svg
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
be1ee07dedacecdcf778edf01306c17ade2f264d793fd7ae4c0be096d3c8e39f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, HIT, x-tw-cdn;desc=FT
content-length
372
etag
"UkklxpHIpHoO+363GCbqyg=="
x-served-by
cache-fty21376-FTY, cache-fra19134-FRA
last-modified
Wed, 21 Feb 2018 22:30:55 GMT
date
Wed, 10 Nov 2021 14:36:35 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Fri, 21 Oct 2022 07:18:56 GMT
jot
syndication.twitter.com/i/ Frame 994A 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1636554995193%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22f001879%3A1634581029404%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%222b31904%3A1636484198898%22%2C%22item_ids%22%3A%5B%221438187705792286721%22%5D%2C%22item_details%22%3A%7B%221438187705792286721%22%3A%7B%22item_type%22%3A0%7D%7D%7D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
116
pragma
no-cache
last-modified
Wed, 10 Nov 2021 14:36:35 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
b93ba8901cfdb8795697caaab62a7d7266b6d8afdd557489170b147ee8f44ddd
x-transaction
4f6f8ce9d31ea7f6
expires
Tue, 31 Mar 1981 05:00:00 GMT
prebid_display
display.bfmio.com/ 		138 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.182.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-182-4.compute-1.amazonaws.com
Software
/
Resource Hash
d5fcd03495b8262736dab06a873fcd9009d869e6445f76d82952e4f861006edd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
prebid
prebid.media.net/rtb/ 		1 KB
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1070b8a3f24bdc3dbc1eff126babebd9547782c47142f005f4844d68d00ecd97

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_desktop_atf_728x90&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
9d39fd0fdccc81c049611079899e92987f957f1e76325ce58056a0417c61633c

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_desktop_atf_300x250&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
8557e464dcd7fa2116324e2f1711409c761a727a4b053f80abbc0e982395beca

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_mobile_atf_320x50&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
589397ae8dc46235e290055971accaa652cd52081e70c07d7c4fc40ae9743573

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
prebid
ib.adnxs.com/ut/v3/ 		140 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0e607de739f09cd3a7ca21bd04cb18255d725345106bf02282b909428fc3f44f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:35 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5e8109fc-b753-4f59-bff4-8cb31b18b881
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		95 B
740 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b56761394c1c0f9476acffbf2614bdb2864d2ad5411abebd0d6ac67fc774613c

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 10 Nov 2021 14:36:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
hb
ssc.33across.com/api/v1/ 		67 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cp_RFGzV0r64onaKjGFx_2
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
de0ca3b00acdb944ba568f12e1e0c78f1459e3742a4f74b9268a71537e95d33d

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
cf-ray
6ac0039289424e97-FRA
access-control-allow-headers
Content-Type, Origin
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-330e9471-5e1b-4650-825c-234a6edc2c08.4%22%2C%22callback_id%22%3A%22185955dec7cc04de%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B300%2C250%5D%2C%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%222675474378266714249%22%7D%5D&page_url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&bust=1636554995211&pr=&scrd=1&dnt=false&description=Learn%20About%20Arazou%20Baker%20From%20Cinderella%3F%20Know%20About%20Her%20Age%20Role%20Family%20Boyfriend%20%26%20Instagram.%20She%20Is%20an%20Actress%20From%20Cinderella.&title=Who%20is%20Arazou%20Baker%20From%20Cinderella%3F%20Meet%20her%20Family%20Boyfriend%20%26%20Instagram.&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.8.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-8-42.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.104.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-104-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:35 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.104.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-104-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:35 GMT
access-control-allow-credentials
true
vary
Origin
trinity.json
apex.go.sonobi.com/ 		117 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221905ece715b85412%22%3A%22dcc4cd9596e80d497120%7C728x90%2C300x250%2C320x50%7Cgpid%3D%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDI.A%22%2C%2219170635a067532%22%3A%224038e93c4d4c13bc38d7%7C728x90%2C300x250%2C320x50%7Cgpid%3D%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDI.A%22%7D&ref=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&s=bfdf627b-e234-4bc6-9bc5-149d2b038177&pv=77f2f991-62b6-4e6f-9f37-601250581fe3&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
062d50b854c467496653e2a45b0dd9719c00a37adec34ff6bcd3a913d1ae7b7d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:35 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
142
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Wed, 10 Nov 2021 14:36:35 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://ans-wer.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
cygnus
htlb.casalemedia.com/ 		26 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201336&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2219497061cc1bc965%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2233550408-bd18-4c2e-af2d-417206d04e39%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-10T14%3A36%3A33%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2219524bba1ce1437f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201336%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22196a527b62d34a5e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221976d70a9d9d9fdb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22209362%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.186.99 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-186-99.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7770246be8d72673d15009a885864e97711a6a0822ac5e8a6d6332c8848976b5

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[BY], CN:[EU], CIP:[168.119.25.197], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ans-wer.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
46
x-ak-client-geo
12
expires
Wed, 10 Nov 2021 14:36:35 GMT
imp
g2.gumgum.com/hbid/ 		1 KB
1008 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=6266c03a-cc0f-4864-b10a-8b838c589d71&si=210380&pi=3&bf=728x90%2C300x250%2C320x50&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=null&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
815745a62e63ee52d51d46ed087a4b8502f3ae8d014a1fb1b8ca380eddd665b2

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://ans-wer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1004 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=6266c03a-cc0f-4864-b10a-8b838c589d71&si=210385&pi=3&bf=728x90%2C300x250%2C320x50&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=null&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ee2337bf78803719a5716d5ae6841f3019bf88dd1102565f3d9a852a77163cb2

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://ans-wer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
arj
bloggernetwork-d.openx.net/w/1.0/ 		173 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=97a8ac57-880a-4ad9-ba0e-f356a7340d99&nocache=1636554995216&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&aus=728x90%2C300x250%2C320x50&divids=mmt-330e9471-5e1b-4650-825c-234a6edc2c08.4&aucs=&auid=543962366
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
eba63da064bf7394cada80af6ebd94f0d9f2d1ebfca9289f1f5e7ef6db66b9cd

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ans-wer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ans-wer.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ans-wer.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2712710818169298&correlator=658101738653033&output=ldjh&impl=fifs&eid=31063683%2C44754276&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=20842576%3A21716575069%2CGS86FM%2CGS86FM-DDH.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=pos%3D1%26monu%3D728x90_A1%26directDeals%3Dsticky_header%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D72511adca22d020e-220ce33c43cb005f%3AT%3D1636554992%3ART%3D1636554992%3AS%3DALNI_MYnSfssTRcpyYzOKqoCl_ScJNe39w&bc=31&abxe=1&lmt=1636554995&dt=1636554995234&dlt=1636554991798&idt=1805&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=83&adks=3189406419&ucis=1&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x26&msz=728x0&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
cfbbd233e2ebf660228be63ff741b524450a9cf1baa5a4595ade239317298b7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10450
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ans-wer.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 97B2 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 10 Nov 2021 14:36:35 GMT
expires
Thu, 10 Nov 2022 14:36:35 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		13 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2712710818169298&correlator=2896133214147450&output=ldjh&impl=fifs&eid=31063683%2C44754276&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=20842576%3A21716575069%2CGS86FM%2CGS86FM-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C300x250%7C320x50&prev_scp=pos%3D1%26monu%3D728x90-300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.17%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D72511adca22d020e-220ce33c43cb005f%3AT%3D1636554992%3ART%3D1636554992%3AS%3DALNI_MYnSfssTRcpyYzOKqoCl_ScJNe39w&bc=31&abxe=1&lmt=1636554995&dt=1636554995255&dlt=1636554991798&idt=1805&frm=20&biw=1600&bih=1200&oid=2&adxs=406&adys=2988&adks=3182188398&ucis=2&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&vis=1&dmc=8&scr_x=0&scr_y=0&psz=730x22&msz=728x0&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=true&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
d038999f97a226256d8bb50da8c08d5159930cf5a91c0a7a514e74fd3b1db217
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8083
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
xgtU094G_normal.jpg
pbs.twimg.com/profile_images/1048170176343150593/ Frame 994A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1048170176343150593/xgtU094G_normal.jpg
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/673A) /
Resource Hash
e36258c9c56f973584d4646646d58779701e47dea96124ab3170ab2aa5ebd142
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
x-content-type-options
nosniff
age
582479
x-cache
HIT
content-length
2111
x-response-time
116
surrogate-key
profile_images profile_images/bucket/4 profile_images/1048170176343150593
last-modified
Fri, 05 Oct 2018 11:14:58 GMT
server
ECS (frb/673A)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
fad9359ef96d5415a826749ca7d0e3f18bf5b2e56a88cb5cbdb205027351c532
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2712710818169298&correlator=2414910511635951&output=ldjh&impl=fifs&eid=31063683%2C44754276&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=20842576%3A21716575069%2CGS86FM%2CGS86FM-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C300x250%7C320x50&prev_scp=pos%3D1%26monu%3D728x90-300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.17%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D72511adca22d020e-220ce33c43cb005f%3AT%3D1636554992%3ART%3D1636554992%3AS%3DALNI_MYnSfssTRcpyYzOKqoCl_ScJNe39w&bc=31&abxe=1&lmt=1636554995&dt=1636554995307&dlt=1636554991798&idt=1805&frm=20&biw=1600&bih=1200&oid=2&adxs=406&adys=4397&adks=687570588&ucis=3&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&vis=1&dmc=8&scr_x=0&scr_y=0&psz=730x22&msz=728x0&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=true&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
b3bbac0c381b1a6f2b4989aa27d5b941cc6a2ec73b39125df46ac8899b2a2458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10988
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2712710818169298&correlator=3654840871853963&output=ldjh&impl=fifs&eid=31063683%2C44754276&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=20842576%3A21716575069%2CGS86FM%2CGS86FM-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C300x250%7C320x50&prev_scp=pos%3D1%26monu%3D728x90-300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.17%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D72511adca22d020e-220ce33c43cb005f%3AT%3D1636554992%3ART%3D1636554992%3AS%3DALNI_MYnSfssTRcpyYzOKqoCl_ScJNe39w&bc=31&abxe=1&lmt=1636554995&dt=1636554995316&dlt=1636554991798&idt=1805&frm=20&biw=1600&bih=1200&oid=2&adxs=406&adys=5340&adks=687570587&ucis=4&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&vis=1&dmc=8&scr_x=0&scr_y=0&psz=730x22&msz=728x0&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=true&fws=4&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
9944563f668ef2f5279a8c5e94bb9804ea8765962f22c7ab941999502741f974
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10579
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/20da2d6b88c24b548b9cb4016fe36a90/1636554995026/0/ Frame 0D75
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=eabf167ca235dc42265c5e54ce6b52b316c07da04f310e97bcb062927f7dc5f0&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F20da2d6b88c24b548b9cb4...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=eabf167ca235dc42265c5e54ce6b52b316c07da04f310e97bcb062927f7dc5f0&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F20da2d6b88c24b548...
  • https://ih.adscale.de/sium/20da2d6b88c24b548b9cb4016fe36a90/1636554995026/0/img?tpid=42&gdpr=0&tpuid=1005411107955032424
49 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/20da2d6b88c24b548b9cb4016fe36a90/1636554995026/0/img?tpid=42&gdpr=0&tpuid=1005411107955032424
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.196.169.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-169-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
server
nginx
location
https://ih.adscale.de/sium/20da2d6b88c24b548b9cb4016fe36a90/1636554995026/0/img?tpid=42&gdpr=0&tpuid=1005411107955032424
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
g8VL_RXP
pbs.twimg.com/card_img/1458144921194737664/ Frame 994A 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/card_img/1458144921194737664/g8VL_RXP?format=jpg&name=240x240
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
16ce0ee44c7f9f0d21707ceabbfce52f5918a1918b1355e90ba4710d4edc73d7
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
x-content-type-options
nosniff
age
0
x-cache
MISS
content-length
13216
x-response-time
154
surrogate-key
card_img card_img/bucket/2 card_img/1458144921194737664
last-modified
Tue, 09 Nov 2021 18:48:14 GMT
server
ECS (frb/6725)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
a3f501de939202d7ab0f2d4bf5b8aea2a8c91e1729d765b74fc27c8b0d2acd88
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
w_480_00005.ts
video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883863/vid611390333d0e7901875086.mp4/ 		304 KB
305 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883863/vid611390333d0e7901875086.mp4/w_480_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.237.97.240 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
0cff68f1b6af93fbc90f21973308a4628a145a951eee941c3f525f30faad4009

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
via
1.1 c8d2dd017ae345697950b9af4e41ff18.cloudfront.net (CloudFront)
x-amz-cf-pop
OTP50-C1
content-length
311140
last-modified
Wed, 18 Aug 2021 04:09:12 GMT
server
Tengine
etag
"8c5f1c21f96754c2b35f52954f466abd"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
1UisouD7ffymAFkzIbnKW1fax68q3EzjyNZbVLzZkexbgR-zoowIVg==
expires
Wed, 24 Nov 2021 14:36:35 GMT
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
cf-ray
6ac003938b0b4e97-FRA
access-control-allow-headers
Content-Type, Origin
imp
g2.gumgum.com/hbid/ 		1 KB
1004 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=6266c03a-cc0f-4864-b10a-8b838c589d71&si=210380&pi=3&bf=728x90%2C300x250%2C320x50&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=null&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a4ad636890d0307ea5e66f8e1702e1daaf9c5ad4de89586c23c0cb07ecaaf129

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://ans-wer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1004 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=6266c03a-cc0f-4864-b10a-8b838c589d71&si=210385&pi=3&bf=728x90%2C300x250%2C320x50&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=null&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
08e11ee118af5a4e52e6077f0b53e255695aada2007b23e975e69d08bb207538

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://ans-wer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.104.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-104-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:35 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.104.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-104-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:35 GMT
access-control-allow-credentials
true
vary
Origin
bid
ap.lijit.com/rtb/ 		95 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
fc3ba1dc470ed035d7e0acec2fd128e9252f8b68600770e80dc351d96aa8eb3b

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 10 Nov 2021 14:36:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
translator
hbopenbid.pubmatic.com/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
cfc9e9a9738578e3529bbbbfcfca3dfe065fe0e4fa8648d6615a6b9b21d4eccc

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
x-openrtb-version
2.3
content-type
application/json
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1754
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Wed, 10 Nov 2021 14:36:35 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://ans-wer.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
trinity.json
apex.go.sonobi.com/ 		118 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22222a6a8456610eda%22%3A%22dcc4cd9596e80d497120%7C728x90%2C300x250%2C320x50%7Cgpid%3D%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDI.A%22%2C%22223dea459c7a2ac5%22%3A%224038e93c4d4c13bc38d7%7C728x90%2C300x250%2C320x50%7Cgpid%3D%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDI.A%22%7D&ref=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&s=f43766bf-cc08-40da-ab87-4ceb2cc9d72a&pv=77f2f991-62b6-4e6f-9f37-601250581fe3&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
6002fb426b4f1bd54ccdec7b5813ef776f4a7e7aaff4a8dd78ecaa1beae519be
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:35 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
143
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
arj
bloggernetwork-d.openx.net/w/1.0/ 		173 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2b2716a8-4e7c-4448-89fa-c93dd914981e&nocache=1636554995370&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&aus=728x90%2C300x250%2C320x50&divids=mmt-330e9471-5e1b-4650-825c-234a6edc2c08.5&aucs=&auid=543962366
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
9e79960557456ee91870e765c1808678d000fa8a45bb214fcc56caed5be53b51

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ans-wer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		140 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
dcdba1c74a3e8755b5b3e8be27b309623d187355fe3f3ef73dbf69545f8b40a3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:35 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3ed27a0e-75bd-4fc6-a0bc-eb73bf83bdeb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ 		67 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cp_RFGzV0r64onaKjGFx_2
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
79a42c051a7a1fb1bc1599624499bf49a723185448d0f79e36fc30f748a8f224

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_desktop_atf_728x90&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
1da9fb488d784e53d8f896c824abab3b1b1107f49d5372f90f5fcb5b1c9c260b

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_desktop_atf_300x250&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
0d41151a237d0ad28ab7e787d54f2f4bfb4104f2e432a52a5bce6e52cfb82b9e

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_mobile_atf_320x50&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
5492a7ebb76d686f63c47b41aeeb78518f6cd0b762c94371cb1636886b5f9993

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
cygnus
htlb.casalemedia.com/ 		26 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201336&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22234421cc2695b76e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2233550408-bd18-4c2e-af2d-417206d04e39%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-10T14%3A36%3A33%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2223567a21707d1f0d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201336%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222360def6c50a357f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22237094eacc607c56%22%2C%22ext%22%3A%7B%22siteID%22%3A%22209362%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.186.99 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-186-99.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c04f02a36bc7313acf4564bb0e240b18e1897613332ff394fc9332c60232d61f

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[BY], CN:[EU], CIP:[168.119.25.197], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ans-wer.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
46
x-ak-client-geo
12
expires
Wed, 10 Nov 2021 14:36:35 GMT
prebid_display
display.bfmio.com/ 		138 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.182.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-182-4.compute-1.amazonaws.com
Software
/
Resource Hash
32029896434c5ac1f0087d7830a71ff6f7b6454150a9a1a26f9d6054c8739449
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
prebid
ads.yieldmo.com/exchange/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-330e9471-5e1b-4650-825c-234a6edc2c08.5%22%2C%22callback_id%22%3A%222417c2897f2ffb99%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B300%2C250%5D%2C%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%222675474378266714249%22%7D%5D&page_url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&bust=1636554995374&pr=&scrd=1&dnt=false&description=Learn%20About%20Arazou%20Baker%20From%20Cinderella%3F%20Know%20About%20Her%20Age%20Role%20Family%20Boyfriend%20%26%20Instagram.%20She%20Is%20an%20Actress%20From%20Cinderella.&title=Who%20is%20Arazou%20Baker%20From%20Cinderella%3F%20Meet%20her%20Family%20Boyfriend%20%26%20Instagram.&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.8.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-8-42.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
prebid.media.net/rtb/ 		1 KB
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
402671529f1fa44c901ee981f7f9318406d398fb67080080418b5dc9c80de39e

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
/
c.mgid.com/pv/ 		0
280 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1636554995379586131778&uniqId=0a5f0&childs=1153333&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&lu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&sessionId=618bd8f3-084c5&pageView=1&pvid=17d0a4776b4ba57f237&site=128337&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/a/n/ans-wer.com.1153326.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ac00393af4f0621-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
activeview
pagead2.googlesyndication.com/pcs/ Frame 0C3C 		42 B
111 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2B85uRezf0uxDqJTBuX3s0N4AH8IFoi7JjrBflq5SaOHTZLb6kdSyW-nk4s5eKZHUynUu7TrZQCuys_7eB6_NicSe6bGvZycvxTjRBIrma18uZWgcqgHhl57SKAocMT-pbsx_PIlyU-KT&sai=AMfl-YR_CSK1uYPr0RvUt7m2wir7PfH-b2d5ivcKFiZL955udX2Q69KHs3z-VLLbMeiopvJrabiT4PDorb4au9xkl6it_EN_1Da084k&sig=Cg0ArKJSzPjPi0SXZOWqEAE&cid=CAASF-RoPXDJabcexd9otyhxERKQRK573os0&id=lidar2&mcvt=1002&p=0,0,280,1110&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20211108&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2182005794&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636554992735&rpt=1634&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=b.r&u=330e9471-5e1b-4650-825c-234a6edc2c08&d=%7B%22utm%22%3Anull%7D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1680
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
br
cf-cache-status
HIT
age
3607
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6ac00393dfbd0621-FRA
expires
Thu, 11 Nov 2021 14:36:35 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
br
cf-cache-status
HIT
age
3530
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6ac00393dfbe0621-FRA
expires
Thu, 11 Nov 2021 14:36:35 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 0D75
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=dde55b03-0936-408c-b2f7-67df16eec374&gdpr=0
49 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=dde55b03-0936-408c-b2f7-67df16eec374&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.196.169.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-169-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:34 GMT
server
Kestrel
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=dde55b03-0936-408c-b2f7-67df16eec374&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3679032
content-length
0
expires
Wed, 10 Nov 2021 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2712710818169298&correlator=3878710803027488&output=ldjh&impl=fifs&eid=31063683%2C44754276&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=20842576%3A21716575069%2CGS86FM%2CGS86FM-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C300x250%7C320x50&prev_scp=pos%3D1%26monu%3D728x90-300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.17%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D72511adca22d020e-220ce33c43cb005f%3AT%3D1636554992%3ART%3D1636554992%3AS%3DALNI_MYnSfssTRcpyYzOKqoCl_ScJNe39w&bc=31&abxe=1&lmt=1636554995&dt=1636554995438&dlt=1636554991798&idt=1805&frm=20&biw=1600&bih=1200&oid=2&adxs=406&adys=5532&adks=687570586&ucis=5&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&vis=1&dmc=8&scr_x=0&scr_y=0&psz=730x22&msz=728x0&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=true&fws=4&ohw=1600&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
7020648632b3c6ff939c9eefcdf667616f4ea4747caca2326f9269598a7c6dee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10593
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
prebid.a-mo.net/a/ 		0
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Wed, 10 Nov 2021 14:36:35 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://ans-wer.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
7
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_desktop_atf_300x250&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
2adab10d0a6acb1f173e940ac8fd3fbde2c326030839075e916a91cfcb1720b5

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_desktop_atf_160x600&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
cd97cafede99507205c4f9909530341d7d59d349e9d206023409d5e78bb673e3

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_desktop_atf_300x600&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
73e38edc021038b0c941c08ba8ae43f767569df1a2794db028b7130309c366c7

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
arj
bloggernetwork-d.openx.net/w/1.0/ 		172 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4fd7607f-da09-487a-bb25-cf74656ec3a4&nocache=1636554995464&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&aus=300x250%2C160x600%2C300x600&divids=mmt-d8b1bd4a-b072-4974-8f17-086ac3117e3f&aucs=&auid=543962366
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
9d78229557f6e87fd7ef6ba4e3a73e5b6d8fecf030da9b77b484d3f97ae13e47

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ans-wer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		140 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2225515e157417c2c9%22%3A%22dcc4cd9596e80d497120%7C300x250%2C160x600%2C300x600%7Cgpid%3D%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDT.D%22%2C%222560d02f9d73293c%22%3A%22d23fc2fbe929165f22f9%7C300x250%2C160x600%2C300x600%7Cgpid%3D%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDT.D%22%2C%22257bb265b478bf34%22%3A%22177369c437c672237248%7C300x250%2C160x600%2C300x600%7Cgpid%3D%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDT.D%22%7D&ref=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&s=f641abf3-b1c8-4ecf-a248-3fbfe00916fd&pv=77f2f991-62b6-4e6f-9f37-601250581fe3&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
449077e4442856fdd1416b3a3648d12c004ec9f607771e40f15cfa4975b10368
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:35 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
165
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
3cfa0ad59a083ab68e6524a31a1e4ff178bd65fc389fe0c6383a734700de662f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 10 Nov 2021 14:36:35 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
13f00aa8-6a48-47ea-8f9f-e4ad3b8bc4e5
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-d8b1bd4a-b072-4974-8f17-086ac3117e3f%22%2C%22callback_id%22%3A%22261fac85ee41a41f%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B160%2C600%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222675474378266714249%22%7D%5D&page_url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&bust=1636554995467&pr=&scrd=1&dnt=false&description=Learn%20About%20Arazou%20Baker%20From%20Cinderella%3F%20Know%20About%20Her%20Age%20Role%20Family%20Boyfriend%20%26%20Instagram.%20She%20Is%20an%20Actress%20From%20Cinderella.&title=Who%20is%20Arazou%20Baker%20From%20Cinderella%3F%20Meet%20her%20Family%20Boyfriend%20%26%20Instagram.&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.8.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-8-42.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid_display
display.bfmio.com/ 		138 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.182.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-182-4.compute-1.amazonaws.com
Software
/
Resource Hash
936cb6bb2308787ccbd2721c16d43f0ce06878ea12d693c9e54c0093f1a2b6ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
cf-ray
6ac003942c144e97-FRA
access-control-allow-headers
Content-Type, Origin
hb
ssc.33across.com/api/v1/ 		67 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cp_RFGzV0r64onaKjGFx_2
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
466f35c3a977f0d305657ad7d25ca5aede468800ad39fcaf613aeb47a9d78bfb

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
cygnus
htlb.casalemedia.com/ 		26 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%222681339bee7f9ddb%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2233550408-bd18-4c2e-af2d-417206d04e39%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-10T14%3A36%3A33%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2226911267113abf7e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222700653aa0898c9e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242368%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22271afc517d7f1b65%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242369%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.186.99 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-186-99.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
846041bbf79457aeeed62e5f32e3540a47a05aed800c7a8494b44908eecbb535

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[BY], CN:[EU], CIP:[168.119.25.197], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ans-wer.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
46
x-ak-client-geo
12
expires
Wed, 10 Nov 2021 14:36:35 GMT
bid
ap.lijit.com/rtb/ 		93 B
740 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
09f5d1eb6cbc7bea13ac5c5df21cfbf37295c230c2c219aae3713b3faaf4d381

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 10 Nov 2021 14:36:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
prebid
prebid.media.net/rtb/ 		1 KB
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9d0fffabcb84236c9b88c2c83fe5dab35eb1cdbfa8000aac2e26f7d0bf66f8a6

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
imp
g2.gumgum.com/hbid/ 		468 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=6266c03a-cc0f-4864-b10a-8b838c589d71&si=210381&pi=3&bf=300x250%2C160x600%2C300x600&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=null&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
802521799afe125e241150350f91ae5f68127cf284d14f20295f8a78073611fd

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://ans-wer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=6266c03a-cc0f-4864-b10a-8b838c589d71&si=210380&pi=3&bf=300x250%2C160x600%2C300x600&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=null&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
de62c6cc20fd2c3ef34756f01b1826290decacb72aeaa432ee5e10dd34bc849d

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://ans-wer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=6266c03a-cc0f-4864-b10a-8b838c589d71&si=210378&pi=3&bf=300x250%2C160x600%2C300x600&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=null&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0758489e48f4b30ac0b5b74b10a1e1a36c46970ba5a7b31f0916dca915c78ae0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://ans-wer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
jot
syndication.twitter.com/i/ Frame 994A 		43 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1636554995491%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22f001879%3A1634581029404%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%222b31904%3A1636484198898%22%2C%22item_ids%22%3A%5B%221438187705792286721%22%5D%2C%22item_details%22%3A%7B%221438187705792286721%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A1254.8999938964844%7D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
110
pragma
no-cache
last-modified
Wed, 10 Nov 2021 14:36:35 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
b93ba8901cfdb8795697caaab62a7d7266b6d8afdd557489170b147ee8f44ddd
x-transaction
6c001cb37f211972
expires
Tue, 31 Mar 1981 05:00:00 GMT
user
ads3.admatic.com.tr/ Frame 1F44
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://x.bidswitch.net/ul_cb/sync?ssp=admatic
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=admatic
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=1005411107955032424&ssp=admatic
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
35 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:35 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
1
servicer.mgid.com/1153326/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1153326/1?pv=5&cbuster=1636554995496204496612&uniqId=0a5f0&childs=1153333&niet=4g&nisd=false&jsv=es6&w=730&h=741&p3_w=236&p3_h=184&maxw_3=236&maxh_3=184&cols=3&ref=&cxurl=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&lu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&sessionId=618bd8f3-084c5&pageView=1&pvid=17d0a4776b4ba57f237&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/a/n/ans-wer.com.1153326.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03ad7b8f87fc551d7a3d1c6f192faff01882a9a4ceeebf2f5d1707e6516238c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ac0039468b50621-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 0D75
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=d52e8fa848e2328017136de2...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=0&gdpr_consent=
49 B
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.196.169.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-169-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 10 Nov 2021 14:36:35 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x9 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 10 Nov 2021 14:36:34 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		13 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2712710818169298&correlator=2027389195547780&output=ldjh&impl=fifs&eid=31063683%2C44754276&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=20842576%3A21716575069%2CGS86FM%2CGS86FM-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C300x250%7C320x50&prev_scp=pos%3D1%26monu%3D728x90-300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3Dcad0f21d-73cb-466f-a7bb-d29b22bf7e01%26monu_df%3D0.14%26safeframe%3Dtrue%26hb_size%3D300x250%26hb_adid%3D460fa217caf6d09d%26hb_bidder%3Dpubmatic%26hard_adx_floor%3D0.17%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D72511adca22d020e-220ce33c43cb005f%3AT%3D1636554992%3ART%3D1636554992%3AS%3DALNI_MYnSfssTRcpyYzOKqoCl_ScJNe39w&bc=31&abxe=1&lmt=1636554995&dt=1636554995511&dlt=1636554991798&idt=1805&frm=20&biw=1600&bih=1200&oid=2&adxs=1165&adys=761&adks=687570585&ucis=6&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&vis=1&dmc=8&scr_x=0&scr_y=0&psz=350x22&msz=728x0&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
f73bf59120a4b843d62ff608edd7fbb1158545682c46213ed4671030581dabd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7974
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
ih.adscale.de/sium/20da2d6b88c24b548b9cb4016fe36a90/1636554995026/0/ Frame 0D75
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=91bbc2ad85d9b71f036426707f2d9821943226562181e7906971165d85568e48&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F20da2d6b88c24b...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=91bbc2ad85d9b71f036426707f2d9821943226562181e7906971165d85568e48&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F20da2d6b88c24b...
  • https://ih.adscale.de/sium/20da2d6b88c24b548b9cb4016fe36a90/1636554995026/0/js?tpid=48&tpuid=182b6e0465439784c56d0eab985d5c45
44 B
591 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/20da2d6b88c24b548b9cb4016fe36a90/1636554995026/0/js?tpid=48&tpuid=182b6e0465439784c56d0eab985d5c45
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.196.169.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-169-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bdf64ee9f85268bf51e3cd70abd958229566fc0adca16e3ab516df299d8bac47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Wed, 10 Nov 2021 14:36:36 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/20da2d6b88c24b548b9cb4016fe36a90/1636554995026/0/js?tpid=48&tpuid=182b6e0465439784c56d0eab985d5c45
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
prebid
ib.adnxs.com/ut/v3/ 		0
0
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Wed, 10 Nov 2021 14:36:35 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://ans-wer.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
imp
g2.gumgum.com/hbid/ 		1 KB
1004 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=6266c03a-cc0f-4864-b10a-8b838c589d71&si=210380&pi=3&bf=728x90%2C300x250%2C320x50&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=null&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4a5fb300a4a4385c50626c1a5ab07ebfd74aa42d41fb13a4897c2618f220fe0d

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://ans-wer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
1008 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=6266c03a-cc0f-4864-b10a-8b838c589d71&si=210385&pi=3&bf=728x90%2C300x250%2C320x50&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=null&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
815745a62e63ee52d51d46ed087a4b8502f3ae8d014a1fb1b8ca380eddd665b2

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://ans-wer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
cf-ray
6ac00394ad0c4e97-FRA
access-control-allow-headers
Content-Type, Origin
prebid
ads.yieldmo.com/exchange/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-330e9471-5e1b-4650-825c-234a6edc2c08.6%22%2C%22callback_id%22%3A%223027077d7c17551e%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B300%2C250%5D%2C%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%222675474378266714249%22%7D%5D&page_url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&bust=1636554995550&pr=&scrd=1&dnt=false&description=Learn%20About%20Arazou%20Baker%20From%20Cinderella%3F%20Know%20About%20Her%20Age%20Role%20Family%20Boyfriend%20%26%20Instagram.%20She%20Is%20an%20Actress%20From%20Cinderella.&title=Who%20is%20Arazou%20Baker%20From%20Cinderella%3F%20Meet%20her%20Family%20Boyfriend%20%26%20Instagram.&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.8.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-8-42.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
hb
ssc.33across.com/api/v1/ 		67 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cp_RFGzV0r64onaKjGFx_2
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
17c869ed6e742ee9f38e61a9f8c9a538031fe08c49646bdace6445afe7ed328b

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid
prebid.media.net/rtb/ 		1 KB
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f0976fe3632f7340fe0befd428ff68f14458ebfc634eab8dc047ee275d0edda6

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid_display
display.bfmio.com/ 		138 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.182.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-182-4.compute-1.amazonaws.com
Software
/
Resource Hash
4b4a354eefa3fe0319c9e8a63b89c105f260eaf4f2c8348fe9539d00ef077ce6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
cygnus
htlb.casalemedia.com/ 		26 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201336&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223111b752b11f8d7f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2233550408-bd18-4c2e-af2d-417206d04e39%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-10T14%3A36%3A33%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2231205b03687410a8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201336%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22313f9fcc7ce73aa7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22314375a13962d398%22%2C%22ext%22%3A%7B%22siteID%22%3A%22209362%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.186.99 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-186-99.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
af00fae559e1016599031f27dcb2adc79e0d654c3f8f64c28e51aac4fc1aab65

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[BY], CN:[EU], CIP:[168.119.25.197], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ans-wer.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
46
x-ak-client-geo
12
expires
Wed, 10 Nov 2021 14:36:36 GMT
bid
ap.lijit.com/rtb/ 		95 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
7769a4c663088f0ff4f116d82f6f47637826976bad4ca0f118bb6935fdb3a90f

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 10 Nov 2021 14:36:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.104.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-104-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:36 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.104.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-104-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:35 GMT
access-control-allow-credentials
true
vary
Origin
arj
bloggernetwork-d.openx.net/w/1.0/ 		173 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=05af53a3-2a79-4bfb-b960-ee163009f531&nocache=1636554995556&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&aus=728x90%2C300x250%2C320x50&divids=mmt-330e9471-5e1b-4650-825c-234a6edc2c08.6&aucs=&auid=543962366
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
c13c15f9fdb58381ff749e2847d2b62336b791afabc67c79f801280362270f6a

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:35 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ans-wer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		118 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22325a4cb87476f696%22%3A%22dcc4cd9596e80d497120%7C728x90%2C300x250%2C320x50%7Cgpid%3D%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDI.A%22%2C%223265841182628cc1%22%3A%224038e93c4d4c13bc38d7%7C728x90%2C300x250%2C320x50%7Cgpid%3D%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDI.A%22%7D&ref=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&s=37f32ca7-de2c-4f1d-9996-59ef5bce1168&pv=77f2f991-62b6-4e6f-9f37-601250581fe3&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
010f6876f39e5954a1c935ccc0abced6d66ecf541f4f57180310c39dd9aec297
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:35 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
143
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_desktop_atf_728x90&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7141f7f6ab593fe8394c165fc386f30c4f09c0115218c7b00ae4802b7069bea7

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
server
ATS/9.1.0.33
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_desktop_atf_300x250&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
9833b7592acf3b5c35823734771c445a9bb7aaf8c019283d5544916adadbd5d0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
server
ATS/9.1.0.33
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_mobile_atf_320x50&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
cb8993c767e17e586b7172eb617663a7326c62c54900f1acfebfe8ba3f294802

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:35 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012110042008000/ Frame 4810 		190 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
385269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55667
x-xss-protection
0
server
sffe
date
Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11904075b70ba1a0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 06 Nov 2022 03:35:27 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 4810 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
385269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4996
x-xss-protection
0
server
sffe
date
Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"01e91d40c144b6bf"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 06 Nov 2022 03:35:27 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 4810 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
385269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28494
x-xss-protection
0
server
sffe
date
Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a5e24beaf7c9a504"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 06 Nov 2022 03:35:27 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 4810 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
385269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1635
x-xss-protection
0
server
sffe
date
Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"dff2522b082c9ee5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 06 Nov 2022 03:35:27 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 4810 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
385269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12816
x-xss-protection
0
server
sffe
date
Sat, 06 Nov 2021 03:35:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6a05f1a8ea5ea134"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 06 Nov 2022 03:35:27 GMT
truncated
/ Frame 4810 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b0645e21732016e49ffa2d10fd021712ea72eb961ae73fbb81898ab6471e12a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
pixel
protected-by.clarium.io/ 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31fk54etst&sb=-1&h=ans-wer.com&cb=2323646&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.133.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-133-197.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:36 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
9604477995710886989
tpc.googlesyndication.com/simgad/ Frame 4810 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9604477995710886989
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9139caf5a699497154d3a233d16b3ca047ff93ecb446d1267fe661527bcc082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 03:14:30 GMT
x-content-type-options
nosniff
age
472926
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72643
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 15:40:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 05 Nov 2022 03:14:30 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4810 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 05:32:00 GMT
x-content-type-options
nosniff
server
cafe
age
32676
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 11 Nov 2021 05:32:00 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4810 		295 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 23:42:59 GMT
x-content-type-options
nosniff
server
cafe
age
53617
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 10 Nov 2021 23:42:59 GMT
l
www.google.com/ads/measurement/ Frame 4810 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRMDTEediyx4TMQaWVsk-CjJamzxtzq_qmokrze-GPWNut9p1Y6_mW2VtHHNS8SlHUBgR9hPhIbBxXsG95fM-1HonRowg
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 4810 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CeKke89iLYf34KISFjuwPkum1-AK4gYDzZdHht96tDt7z06blKRABINjV2CtglbqUgqAHoAHwpveuAcgBA6kCfE3mLa-ytj7gAgCoAwHIAwiqBIgCT9BpNcKa7xzfQbdF9rvJBNRS8ysQNeXBwQEJuoJeaNMj0ul4C3ZwFygC7Sibv1thRQDK71uyyRfGFUosw8dHAxeF8IS2Kaa3m3XuVrkAzH4L6_kS63deSZXFxiLQG9oeVp1DpIt1IP2JQBaJXedTtH6D_VZmiFTFVPEbqsMH1WPfx0tDgKXdGiNoDI4KJa2GPIQdqaHYqyyaKyRQju9n6xSbB8pgX4rl8BtfvPSM1fzYVHt6zCq4STDToin0XfXjiTmBYsxd8ikfSprPsiJeYGtLQTBZEcMT6Do0AmRyL7uljDOaZOF0XpvbGRjwCg6XMQ_gZZ2Qw34-1ayMvyP6sj0qBbGshzYWwATUpcWY8gPgBAGgBgOAB_jYiNECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQgMse0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi01OTE2NTUyODQ3NDUyNzQzgAoDyAsB2BMD0BUBgBcBshceChwIABIUcHViLTM5NDQ5NTQ4NjIzMTYyODMYmNsQ&sigh=nJGr9qr58eY&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
mmt.gif
imps.monu.delivery/ 		37 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=a.e&u=mmt-7ec948d8-0774-4a3c-ae4c-b76d7b858b4f&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22hard%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.15%22%2C%22refreshCount%22%3A0%2C%22ipin%22%3A%22GS86FM-DDH.A%22%2C%22isBackfill%22%3Atrue%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A28192296%2C%22sourceAgnosticLineItemId%22%3A4761663483%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2Farazou-baker-cinderella-role-and-instagram%22%2C%22referer%22%3A%22%22%7D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1681
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=b.r&u=d8b1bd4a-b072-4974-8f17-086ac3117e3f&d=%7B%22utm%22%3Anull%7D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1681
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ans-wer.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ans-wer.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		79 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2712710818169298&correlator=1125602479162834&output=ldjh&impl=fifs&eid=31063683%2C44754276&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=20842576%3A21716575069%2CGS86FM%2CGS86FM-DDT.D&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&prev_scp=pos%3D4%26monu%3D300x250-160x600-300x600_B4%26directDeals%3Dsticky_sidebar%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3De064fec2-7ea6-4ddf-99c8-b55ff4078454%26monu_df%3D0.15%26safeframe%3Dtrue%26hb_size%3D300x600%26hb_adid%3D463c158d7f7d38b8%26hb_bidder%3DappnexusAst%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D72511adca22d020e%3AT%3D1636554992%3AS%3DALNI_MZnx8v04FlhG3gNOyaqoVNu7SUcpg&bc=31&abxe=1&lmt=1636554995&dt=1636554995653&dlt=1636554991798&idt=1805&frm=20&biw=1600&bih=1200&oid=2&adxs=1190&adys=889&adks=2176463979&ucis=7&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&vis=1&dmc=8&scr_x=0&scr_y=0&psz=350x22&msz=300x0&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
728fca0008d44666efbad1ac112959fea1b2998fd4c558ebeabfd2f73c0c2502
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33363
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0B7E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 10 Nov 2021 14:36:35 GMT
expires
Thu, 10 Nov 2022 14:36:35 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=a.e&u=mmt-330e9471-5e1b-4650-825c-234a6edc2c08&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22hard%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.17%22%2C%22refreshCount%22%3A0%2C%22ipin%22%3A%22GS86FM-DDI.A%22%2C%22isBackfill%22%3Atrue%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A28192296%2C%22sourceAgnosticLineItemId%22%3A4761247891%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2Farazou-baker-cinderella-role-and-instagram%22%2C%22referer%22%3A%22%22%7D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1681
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
prebid
ib.adnxs.com/ut/v3/ 		140 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
807cf8a397da42bda3258ee4508558f1d69256aef43c25f02432b8b521302e45
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:36 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b88a4a89-85c9-4028-86fd-732739bac1f3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-330e9471-5e1b-4650-825c-234a6edc2c08.7%22%2C%22callback_id%22%3A%2233480dea9b3d50e5%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B300%2C250%5D%2C%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%222675474378266714249%22%7D%5D&page_url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&bust=1636554995702&pr=&scrd=1&dnt=false&description=Learn%20About%20Arazou%20Baker%20From%20Cinderella%3F%20Know%20About%20Her%20Age%20Role%20Family%20Boyfriend%20%26%20Instagram.%20She%20Is%20an%20Actress%20From%20Cinderella.&title=Who%20is%20Arazou%20Baker%20From%20Cinderella%3F%20Meet%20her%20Family%20Boyfriend%20%26%20Instagram.&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.8.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-8-42.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.104.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-104-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:36 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.104.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-104-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:36 GMT
access-control-allow-credentials
true
vary
Origin
prebid
prebid.media.net/rtb/ 		32 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
22c1bc19a8d31d025d5e765449483e3c25c322c0400d91ba295d5f5c735c6e56

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
via
1.1 google
server
nginx
content-type
application/octet-stream
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
alt-svc
clear
content-length
32
hb
ssc.33across.com/api/v1/ 		67 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cp_RFGzV0r64onaKjGFx_2
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
c498ab3ea973d1d3226ef72100c99bcfd68a23622d78296d10b6813a021bc837

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Wed, 10 Nov 2021 14:36:35 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://ans-wer.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
prebid_display
display.bfmio.com/ 		138 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.182.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-182-4.compute-1.amazonaws.com
Software
/
Resource Hash
6f5db4c8baeb690e04f7abdc0ab5c6f024f7d889bb1ae3355f93f863696c82c8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
bid
ap.lijit.com/rtb/ 		95 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
68711f792152cd5b6574cea2b25c6bd99f7341b82bdb857b3b42b7f105cfd67c

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 10 Nov 2021 14:36:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_desktop_atf_728x90&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
9fda3ad8ed30867ab38c20f15ec8432107a445a51d50915eeb13c9a4b6eb2262

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_desktop_atf_300x250&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
ac15f08026cfb079ddb210efe365b77cf1b9cc2810c7a507aa12f079c4e6eda9

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_mobile_atf_320x50&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
0cc705e366e9a7fc6cd71320ddec239f2aa94d268dbe49bef93383c7f9f49769

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		38 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201336&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22360a7e26ae47b205%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2233550408-bd18-4c2e-af2d-417206d04e39%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-10T14%3A36%3A33%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2236143f6fe1a15e51%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201336%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22362bb94e2bf0008b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22363bddf248b7a886%22%2C%22ext%22%3A%7B%22siteID%22%3A%22209362%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.186.99 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-186-99.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d4e288b8c9e5c95ebde2351ddfc6adb706b672a9a4ceaab9d33ad1814a75bfe

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
x-ak-initial-geo
CC:[DE], RC:[BY], CN:[EU], CIP:[168.119.25.197], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://ans-wer.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
38
x-ak-client-geo
12
expires
Wed, 10 Nov 2021 14:36:36 GMT
trinity.json
apex.go.sonobi.com/ 		118 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22365d64cc4a59f983%22%3A%22dcc4cd9596e80d497120%7C728x90%2C300x250%2C320x50%7Cgpid%3D%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDI.A%22%2C%22366702afb3e744cb%22%3A%224038e93c4d4c13bc38d7%7C728x90%2C300x250%2C320x50%7Cgpid%3D%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDI.A%22%7D&ref=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&s=1a228a23-dbf3-46af-a9be-8d2e5afb2f20&pv=77f2f991-62b6-4e6f-9f37-601250581fe3&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
68929e0ba2101f9393f1872c3f1d1a3ab324295a9fada469ccbd71ca1ba2821d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:36 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
143
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
arj
bloggernetwork-d.openx.net/w/1.0/ 		173 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b1c0111e-3beb-441b-9bb6-110885c6dbf8&nocache=1636554995712&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&aus=728x90%2C300x250%2C320x50&divids=mmt-330e9471-5e1b-4650-825c-234a6edc2c08.7&aucs=&auid=543962366
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
63039d98356e4de87ac565532d63f2dec4ca943d7a1460d0b93559b206e9615a

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
server
OXGW/16.218.0
timing-allow-origin
*
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ans-wer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
dmx.districtm.io/b/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
cf-ray
6ac00395af2f4e97-FRA
access-control-allow-headers
Content-Type, Origin
imp
g2.gumgum.com/hbid/ 		1 KB
1004 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=6266c03a-cc0f-4864-b10a-8b838c589d71&si=210380&pi=3&bf=728x90%2C300x250%2C320x50&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=null&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f84a3efdb0527c8fb26ca2112da7d88dfd6b921659093c6c8b693328c384b09d

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://ans-wer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		468 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=6266c03a-cc0f-4864-b10a-8b838c589d71&si=210385&pi=3&bf=728x90%2C300x250%2C320x50&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=null&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
802521799afe125e241150350f91ae5f68127cf284d14f20295f8a78073611fd

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://ans-wer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
container.html
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 612D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 10 Nov 2021 14:36:35 GMT
expires
Thu, 10 Nov 2022 14:36:35 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=a.e&u=mmt-330e9471-5e1b-4650-825c-234a6edc2c08.2&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22hard%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.17%22%2C%22refreshCount%22%3A0%2C%22ipin%22%3A%22GS86FM-DDI.A%22%2C%22isBackfill%22%3Atrue%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A28192296%2C%22sourceAgnosticLineItemId%22%3A5523952454%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2Farazou-baker-cinderella-role-and-instagram%22%2C%22referer%22%3A%22%22%7D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1681
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_desktop_atf_728x90&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
809a87a223367b6c36eacfaaa0f37c9d0c642e666e12699aad9dd257cf7a6994

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Wed, 10 Nov 2021 14:36:35 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://ans-wer.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
prebid
prebid.media.net/rtb/ 		1 KB
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ee7bf86334c68af406d04e6ec562e082107be02f76aff19219c12ac38d3dbb29

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
imp
g2.gumgum.com/hbid/ 		468 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=6266c03a-cc0f-4864-b10a-8b838c589d71&si=210385&pi=3&bf=728x90&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=null&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
802521799afe125e241150350f91ae5f68127cf284d14f20295f8a78073611fd

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://ans-wer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
prebid
ib.adnxs.com/ut/v3/ 		139 B
971 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b4b651a02d9141ab784355e7ff10a5e435909e3f87ad07a670d5346de9ca485
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:36 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
329a81e0-e2b8-493a-afdf-12db3a1786a4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-05200a9e-ccdd-448e-94fd-9ec5141ce8b0%22%2C%22callback_id%22%3A%2238532f53e97e81e7%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222675474378266714249%22%7D%5D&page_url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&bust=1636554995738&pr=&scrd=1&dnt=false&description=Learn%20About%20Arazou%20Baker%20From%20Cinderella%3F%20Know%20About%20Her%20Age%20Role%20Family%20Boyfriend%20%26%20Instagram.%20She%20Is%20an%20Actress%20From%20Cinderella.&title=Who%20is%20Arazou%20Baker%20From%20Cinderella%3F%20Meet%20her%20Family%20Boyfriend%20%26%20Instagram.&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.8.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-8-42.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
bid
ap.lijit.com/rtb/ 		95 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
dc3ab0e79ae79b338a3f93d1e333feb8c6a654e69d21d23d238ac4c35d2a1b3d

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 10 Nov 2021 14:36:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
cf-ray
6ac00395df6b4e97-FRA
access-control-allow-headers
Content-Type, Origin
hb
ssc.33across.com/api/v1/ 		67 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cp_RFGzV0r64onaKjGFx_2
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
51b33381eb17271ca2413508ceff647f68a8dca3d6ee71a4b6cf51f103e77748

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
trinity.json
apex.go.sonobi.com/ 		96 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%223936b67123c0e944%22%3A%224038e93c4d4c13bc38d7%7C728x90%7Cgpid%3D%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDP.B%22%7D&ref=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&s=ae3eced3-e3ac-4566-991c-2ef3492a072a&pv=77f2f991-62b6-4e6f-9f37-601250581fe3&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
b37fd7f8466ad5643e0dc5f371ce68c03c24d995bed156d7e3416c67be96fe56
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:36 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
121
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		38 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201336&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22394121ee8349c329%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2233550408-bd18-4c2e-af2d-417206d04e39%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-10T14%3A36%3A33%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223950b7664e41f44a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201336%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.186.99 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-186-99.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f5b83720f79788f4c1e15d9e50bca0753892391412bbb50212d1ee314ef66380

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
x-ak-initial-geo
CC:[DE], RC:[BY], CN:[EU], CIP:[168.119.25.197], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://ans-wer.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
38
x-ak-client-geo
12
expires
Wed, 10 Nov 2021 14:36:36 GMT
arj
bloggernetwork-d.openx.net/w/1.0/ 		173 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=fdb7184e-a42d-45f0-8f2b-a475d63f7632&nocache=1636554995743&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&aus=728x90&divids=mmt-05200a9e-ccdd-448e-94fd-9ec5141ce8b0&aucs=&auid=543962366
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
ff096a9c5b5b41989d40bf8e9c2eb1cbeb47ddb43a864bcb839de4649f57d412

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ans-wer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid_display
display.bfmio.com/ 		138 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.182.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-182-4.compute-1.amazonaws.com
Software
/
Resource Hash
ce0c46c52d55e3439c00425a836a70dd7e8bbc6f31764d22fe5dd238d6ce770c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
container.html
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FA06 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 10 Nov 2021 14:36:35 GMT
expires
Thu, 10 Nov 2022 14:36:35 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=a.e&u=mmt-330e9471-5e1b-4650-825c-234a6edc2c08.3&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22hard%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.17%22%2C%22refreshCount%22%3A0%2C%22ipin%22%3A%22GS86FM-DDI.A%22%2C%22isBackfill%22%3Atrue%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A28192296%2C%22sourceAgnosticLineItemId%22%3A5523952454%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2Farazou-baker-cinderella-role-and-instagram%22%2C%22referer%22%3A%22%22%7D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1681
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2712710818169298&correlator=3062034956127493&output=ldjh&impl=fifs&eid=31063683%2C44754276&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=20842576%3A21716575069%2CGS86FM%2CGS86FM-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C300x250%7C320x50&prev_scp=pos%3D1%26monu%3D728x90-300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.17%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D72511adca22d020e%3AT%3D1636554992%3AS%3DALNI_MZnx8v04FlhG3gNOyaqoVNu7SUcpg&bc=31&abxe=1&lmt=1636554995&dt=1636554995790&dlt=1636554991798&idt=1805&frm=20&biw=1600&bih=1200&oid=2&adxs=406&adys=7538&adks=687570584&ucis=8&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&vis=1&dmc=8&scr_x=0&scr_y=0&psz=730x22&msz=728x0&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=true&fws=4&ohw=1600&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
c5611075800370c6ae27c201476ebde58c3944b1f5383f02d2c8bb2f3508d2f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10478
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_whirs&c=sf&s=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0B4F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 10 Nov 2021 14:36:35 GMT
expires
Thu, 10 Nov 2022 14:36:35 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=a.e&u=mmt-330e9471-5e1b-4650-825c-234a6edc2c08.4&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22hard%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.17%22%2C%22refreshCount%22%3A0%2C%22ipin%22%3A%22GS86FM-DDI.A%22%2C%22isBackfill%22%3Atrue%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A28192296%2C%22sourceAgnosticLineItemId%22%3A5523952454%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2Farazou-baker-cinderella-role-and-instagram%22%2C%22referer%22%3A%22%22%7D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1681
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
c
prebid.a-mo.net/a/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Wed, 10 Nov 2021 14:36:36 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://ans-wer.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cp_RFGzV0r64onaKjGFx_2
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
c20e2f570977501935b28b410d0868d322c585141a1f0e81e052a62e1a258c78

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
imp
g2.gumgum.com/hbid/ 		1 KB
1007 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=6266c03a-cc0f-4864-b10a-8b838c589d71&si=210378&pi=3&bf=160x600&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=null&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b262359548e78975d5915d49e3f2a69683b7bdeeef956ded8cb68c0c50e81ba2

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://ans-wer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
arj
bloggernetwork-d.openx.net/w/1.0/ 		172 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8246bcfc-eb16-47da-a3ee-578436b87bc1&nocache=1636554995883&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&aus=160x600&divids=mmt-111165fb-6e5c-4d9b-b6db-c20fe655e05e&aucs=&auid=543962366
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
faa6304775108b2a5bd80188e6cdb1c160cb839aebcd2d17b5211414f179250e

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ans-wer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a3346c2bab394fe734b1eb82f33418323140257a26d4a6f93141a891cbc3d94e

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
cygnus
htlb.casalemedia.com/ 		38 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=242369&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22412635ff7c601e87%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2233550408-bd18-4c2e-af2d-417206d04e39%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-10T14%3A36%3A33%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224138b8358661c3ad%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242369%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.186.99 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-186-99.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
88ee1511b5fb8b3fe009655557b2591bc5c76f69eb5d0c32af95857aa3eeaee3

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
x-ak-initial-geo
CC:[DE], RC:[BY], CN:[EU], CIP:[168.119.25.197], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://ans-wer.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
38
x-ak-client-geo
12
expires
Wed, 10 Nov 2021 14:36:36 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_desktop_atf_160x600&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
174153556bd0d5484b30d30e175b501400e7057fb60294486e4c1305a0804f85

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
prebid
ib.adnxs.com/ut/v3/ 		140 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
339c96fe7ac3e338273877fc09aaa3c3da723247580191f202e6e1589acd82ae
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:36 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
537466ce-d1a9-4be0-9db2-890d5142be33
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-111165fb-6e5c-4d9b-b6db-c20fe655e05e%22%2C%22callback_id%22%3A%22419bdb07db9d275a%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222675474378266714249%22%7D%5D&page_url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&bust=1636554995886&pr=&scrd=1&dnt=false&description=Learn%20About%20Arazou%20Baker%20From%20Cinderella%3F%20Know%20About%20Her%20Age%20Role%20Family%20Boyfriend%20%26%20Instagram.%20She%20Is%20an%20Actress%20From%20Cinderella.&title=Who%20is%20Arazou%20Baker%20From%20Cinderella%3F%20Meet%20her%20Family%20Boyfriend%20%26%20Instagram.&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.8.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-8-42.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
bid
ap.lijit.com/rtb/ 		95 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
1efe8bb95628018ec6f15e732646a00a9899c7ab8ebde4235a8951a153f0b90b

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 10 Nov 2021 14:36:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid_display
display.bfmio.com/ 		138 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.182.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-182-4.compute-1.amazonaws.com
Software
/
Resource Hash
71c4afc7ab159a9b4362cfcd946e6fc3fea9abc13b68674fc9fdac5a6930bf2b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
trinity.json
apex.go.sonobi.com/ 		95 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%224271bdef0543947%22%3A%22177369c437c672237248%7C160x600%7Cgpid%3D%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDR.A%22%7D&ref=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&s=0ebe02c3-0ea3-46a3-88c4-f574ac22b2cc&pv=77f2f991-62b6-4e6f-9f37-601250581fe3&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
23029c72cc4e76844159e9f0981404a03e28772faab9786dfc2733e5b40e6682
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:36 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4d36ba0b21&pos=ans-wer.com_desktop_atf_728x90&cmd=bid&req=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&req(url)=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&secure=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
60ba6193515ac5bde06d315934b54163c00aaac71e9519e22a70ee49e4e1783b

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
content-length
62
hb
ssc.33across.com/api/v1/ 		67 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cp_RFGzV0r64onaKjGFx_2
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
dfe80a7f4cd42ac22b326fd6f2731c709c0be6aaf40ccbecd63857187f4b3777

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
arj
bloggernetwork-d.openx.net/w/1.0/ 		173 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=99b5a44e-6431-4b2b-951c-b1f8d20855ac&nocache=1636554995891&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&aus=728x90&divids=mmt-a386f327-150c-4f03-aad8-abba9fad828e&aucs=&auid=543962366
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
a3f0f9972814e2ea2652022c94a24e3bce13708ce44650b338753a3ce5c5ccd6

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ans-wer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		38 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201336&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22434aec0bb367c597%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2233550408-bd18-4c2e-af2d-417206d04e39%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-10T14%3A36%3A33%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22435195990d558f09%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201336%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.186.99 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-186-99.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7084bb014a4276dbed5ec18e0ad80dd16e7e52a1345e468111df7db6ef93eb48

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
x-ak-initial-geo
CC:[DE], RC:[BY], CN:[EU], CIP:[168.119.25.197], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://ans-wer.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
38
x-ak-client-geo
12
expires
Wed, 10 Nov 2021 14:36:36 GMT
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
imp
g2.gumgum.com/hbid/ 		468 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=6266c03a-cc0f-4864-b10a-8b838c589d71&t=pjao9w2j&pi=2&schain=1.0%2C1!monumetric.com%2C3dcf7dba-5019-4a7a-8438-8801bdc7e7b9%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=null&ns=9830
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
eabfb52c636111a5206ab400ecfa268f6410c9144780a9555f172726ec949068

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://ans-wer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
32d6d14e11f7d7a313f65be68a03fd8f64082e0ac96664d762ec59763511d55c

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bid
ap.lijit.com/rtb/ 		95 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
3cc394ccf8b6a8257c80ea8f3a68292718d2c45c327519acd474af2e3e5b4db8

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 10 Nov 2021 14:36:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid_display
display.bfmio.com/ 		138 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.182.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-182-4.compute-1.amazonaws.com
Software
/
Resource Hash
e676f8c37bc899e7956e6d357db9a3a312d3822c5ff724666f8d378bd5705fee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
cf-ray
6ac00396d9384e97-FRA
access-control-allow-headers
Content-Type, Origin
prebid
ib.adnxs.com/ut/v3/ 		140 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e6843aac5cf75fcd2f2d14544da405342b601650a6e666708011ff4aa6029769
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:36 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f9e9538e-02ac-4bdc-93d5-6b11ff668a1e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Wed, 10 Nov 2021 14:36:35 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://ans-wer.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
prebid
ads.yieldmo.com/exchange/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-a386f327-150c-4f03-aad8-abba9fad828e%22%2C%22callback_id%22%3A%2245327ffd82d89663%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222675474378266714249%22%7D%5D&page_url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&bust=1636554995897&pr=&scrd=1&dnt=false&description=Learn%20About%20Arazou%20Baker%20From%20Cinderella%3F%20Know%20About%20Her%20Age%20Role%20Family%20Boyfriend%20%26%20Instagram.%20She%20Is%20an%20Actress%20From%20Cinderella.&title=Who%20is%20Arazou%20Baker%20From%20Cinderella%3F%20Meet%20her%20Family%20Boyfriend%20%26%20Instagram.&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.8.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-8-42.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
trinity.json
apex.go.sonobi.com/ 		96 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%224557134638ff3c74%22%3A%224038e93c4d4c13bc38d7%7C728x90%7Cgpid%3D%2F20842576%2C21716575069%2FGS86FM%2FGS86FM-DDA.C%22%7D&ref=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&s=ca6b97b2-fe5b-4ce4-a777-9ffd31c52278&pv=77f2f991-62b6-4e6f-9f37-601250581fe3&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%223dcf7dba-5019-4a7a-8438-8801bdc7e7b9%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
6331d98ef7a541d4866051a9cc9b97f4e324f5658d2658b99203f645340d8054
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:36 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
121
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame FEFF 		28 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ea6a4ba6/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/T1NeHRuPpoM
X-YouTube-Client-Version
1.20211107.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtxUUhTckNCMFhqdyjwsa-MBg%3D%3D
X-YouTube-Ad-Signals
dt=1636554993276&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C730%2C450&vis=1&wgl=true&ca_type=image&bid=ANyPxKoKsi6x6vGlVJt4JlSKJApeKktsWxmpi56IksN8ib9JuF02O1wRf6DAc7hzXhvJnAM-Qiq0MWgnRY-JE1OkgYoOP_uRLg

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Wed, 10 Nov 2021 14:36:36 GMT
container.html
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 53C6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 10 Nov 2021 14:36:35 GMT
expires
Thu, 10 Nov 2022 14:36:35 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=a.e&u=mmt-330e9471-5e1b-4650-825c-234a6edc2c08.5&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22hard%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.17%22%2C%22refreshCount%22%3A0%2C%22hb_bidder%22%3A%22pubmatic%22%2C%22monu_df%22%3A%220.14%22%2C%22ipin%22%3A%22GS86FM-DDI.A%22%2C%22auctionId%22%3A%22cad0f21d-73cb-466f-a7bb-d29b22bf7e01%22%2C%22isBackfill%22%3Atrue%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A28192296%2C%22sourceAgnosticLineItemId%22%3A4761247891%2C%22bidders%22%3A%5B%7B%22bidder%22%3A%22pubmatic%22%2C%22cpm%22%3A0.14%2C%22size%22%3A%22300x250%22%2C%22timeToRespond%22%3A37%7D%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2Farazou-baker-cinderella-role-and-instagram%22%2C%22referer%22%3A%22%22%7D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1681
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2712710818169298&correlator=1685651575508990&output=ldjh&impl=fifs&eid=31063683%2C44754276&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=20842576%3A21716575069%2CGS86FM%2CGS86FM-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C300x250%7C320x50&prev_scp=pos%3D1%26monu%3D728x90-300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.17%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D72511adca22d020e%3AT%3D1636554992%3AS%3DALNI_MZnx8v04FlhG3gNOyaqoVNu7SUcpg&bc=31&abxe=1&lmt=1636554995&dt=1636554995994&dlt=1636554991798&idt=1805&frm=20&biw=1600&bih=1200&oid=2&adxs=406&adys=8551&adks=687570663&ucis=9&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&vis=1&dmc=8&scr_x=0&scr_y=0&psz=730x22&msz=728x0&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=true&fws=4&ohw=1600&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
711c0a3216be2f00d5cafae9a43c00c7ab9cbf91dd853a29a213b234383b8083
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10431
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2712710818169298&correlator=3465773945837500&output=ldjh&impl=fifs&eid=31063683%2C44754276&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=20842576%3A21716575069%2CGS86FM%2CGS86FM-DDP.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=pos%3D2%26monu%3D728x90_B2%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D72511adca22d020e%3AT%3D1636554992%3AS%3DALNI_MZnx8v04FlhG3gNOyaqoVNu7SUcpg&bc=31&abxe=1&lmt=1636554996&dt=1636554996003&dlt=1636554991798&idt=1805&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=8588&adks=2718686334&ucis=a&ifi=13&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x22&msz=728x0&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=true&fws=4&ohw=1600&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
3df45dfb7aa30d869d2e33c594e4f5a5f85c6a1cb505743560202cf213d93a42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10432
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame ED28 		624 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhij186fATAB&v=APEucNVoXmkK2uc25iikQUVWjTkq-v1GoQ21VI32B9rliqfh8YF07E6uCEbwPnFF1VFcrRhLXfKl25NmPeJeuZhknhqB1SttNyYPZxX5WIygBJslo6WxCnW6XGtIpteXvKGOY3CtqjnXaV1iDXp6txQfOq3ULd5AQkj_QT3dUSf45qdeKzrgiSM
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 10 Nov 2021 14:36:36 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 0B7E 		54 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-De5g_B8gHEDR7f1tveQphGs2bZkwFNY0iZZfQyt0q4jCuMxyoZZYNjtYoFRp8qKp-KrksVUPANjugvobC8tvBCM7a125zasccrHwCOUXw9YYia2a1S-xYSlOmr6xF0bHS4lEPWJ2vf14VklzL0zZJVlikC5A&dbm_d=AKAmf-AVJaUy1kjAIwxMH1RSs5asaSksQKIr1Z2yFoIR_sawq4YN6kdcTMpJ1Slv5nHiT791oZZ49_BBMK4LMUEvsCbxkzAffJG7bszrX--pkHL7UDPNxChOxp6GxIMIc-4kQUuOLgJE_pNR-rNg6cXtc0ozzwb35Oagb-qhuOcbNv69RcQBzSwNHBJBsYLqwLgW--VTHbJHviokiQ2hAFwbiflwDq7v_MAKgujF8qlfdwpsyJH_7mNhvWTiStPX194CzP8wbc3FPD7FLoXhks9otv00bf1hwTlnNjAHPXnjMGfP7Hm29pNtC2Gt6kV0o5BasxT8u9XbQ7EKutcXxFz3xyh8yIH5CJK6siYSVS378DgHzHTL0WW2OTnYEncHaSNt36alZvO3BlyqtnFkVPwtEdiDl7l7PA4P1rmddY9ZI7mOIIZvaRK8WbeShVeI2d7QGsonKoM3cnazlSk4buholFcyArK-6O-89D1Z_fSkUjrlyAYK9Qcnpv88IRjs2RB10qk_pW1kYCdpYx3wwA5iJmmKhg6QEP0gUF3dl9tQRNyqEJatcSDfVOFwyrTg3fLdk4qUIggpGu59vHw1GRjJnpMIVI0Gwy3-OxlF4YQANQO7h10XeOh0wESM1mpZpxCpvg4br1evvcw7w_wK7kye9qcNIelOXV_7Phf0RQxs7d7z1vrVvJejflyR3HvZ8lvS9sMipw3dhjLyloxvAyt8-T1pS4hfvxnfubJqe1VmU9c_SPo5aDTv0XyS2VR5s5Qra8Knghi6UhRB2wm4pNJkz8-sglhHZqrN_z-mPwyREk3K6j5XVBVYbJlrPFCfTbO9Ia3XS5acVqgLt-DTXmRwhwer1YGRsSV_ht26E4NtvRPJtpOI2N6QU1f0EAU9sZOjxnQGEovFSii1_zdGJovOvT9vAIjSJXjcBuMmqPbyB3bMPxcFxw_DyGKgVpohFB5gaDFE92yRHrMQWUut0IjFK1eRQr6sGUaBHz6I0kgdPXgHpGeMKFRWd-95z_cgNk8F0CFKb672UV02SufgtAd6eEAMrETBRXz_W9YK0n24wQFfEbCtqEOwztJxudfUXUhXTAa3QD17dXSp1gRPw9XV9uIE8CE90PG8QMkCEoUGZOcS_B-IGCSnXEa0mIZntdLLwl7v396VgkyQapNPE3BY8RNUe1nbbyHnbxDsfQP8Ol_wZE6aFyynZmG0BgB-0Kt2TRQcRUr1CVnQ3DqNEu8c2d7tP6BFBMrIwLcV4AgHdHU8Bz0wyVozjvSvu8siePLOBAmbyI8KFxCWEBA5hG3JT7oN4iVbkyIn3vTIuJQCnfRMClLkHEyG4r_casM7xn0l6yf-5R4UuQEKW07VgQyBEzXf10_X80PEYkmJ5GR2jXfkJlFPMa_-Y80232D8PlGNijgydYCmDIQP9eXC-N789XBPc7kE88zKJPeGddXNbKVjlHkIUZc58n4smvuCwkO2S5w6ixtqgw6aWUieVvDbhh2xyOrwARYJz6m3Y6xIAbAczvXxXH8EIbK4PXsnnVm9f8ol8vj5EQ6_BqXM76ceyzjcgpTzzjgCvTkd6VGL0AftQ6PVu14txh6cAgkFVZU7IMoFn5rTooxWy_gcGReEGv3_7GjOjYLWRo2q3w7egq-HNLPihU8OMBOpqfyAL92JWSZrJVH7XOy2g7__WPBgeFET8LQ6-sof3VpyyOGtiZB14tAjtmWn6TLmRuvb8PWLj-zwwgOW-G7RVHNM4BzU-kwvexkOflcgJbroxvSYaPJ1hXatdHLu2F2rTbEBc8Th9rp0cEUnhb7ieo94grzaXUVm3b_isP6tjFYp65Y6Sj3x7wXIHEI0oN-GAiJ0qyaPWq0x_tU2TLadI60tuk2VIxPCWXEp4kFJA_-OofzG5vejqrw7YEfmgqcy7rgwES5aljwZSVOvMIw5651btLgsphQMvASX8JNhTlpDGZN43lnHcRX1ye5DfCMpYWfNh7VEboPzhEYs0N8Cs_Vp-vC2MycCAf0qR_9XeCsicqYxgJqX-PZuDCHiZqZrwRZOZp3TNDYfKhOLF1zdVS6T-Cs7Dujt-z1o2A_PyvZAprDYEp1T98W8jkeIaQ3_BYbpYk-ovYfPjU33v6MMacZOY3D9Uao8ZcuHWaMCOl_p_68s4TJfI8qYh0So-jWJHku9BQeU1KxD9VCjWM6w45SnCWiI3HFljuF-H_cbXLTnBcEgIhP82pITa-MY5YPeqLv6b-BNwmPAQ6UrHNbKRVrUOk9SW6JsEO2iVcizqGWi8QMLX_dtSMtMPQxnWMar7kv5rxzspiHNwSIUKozqXNS9R4soMCVuottBYDcMp0s7Tc7D8i3gANCCQYF7Jx1qzqeTCJ7dbgRgJWorONZsJB14mQ4Hrj4kztoS8Vr-UnjNdByhD0vFt_fB4pkc9dJgQpSz4j4EInolJGSG4diZ5V2dzltovioIeChlfVP55slkWwb6fhQfPUB7x8n19lHpUBpx36PRBMzsQD-jGXm7TfgtfZKoJCYIbK20Dnb14GLnj1ElFQXYpcQznM9J5Bwhx0UzO7Okwx0NS6DIgccrdjHaIecRdNqK7ir-V0Ou60x7XCuUlxVppXpteP3tuNbrAJk-4t59jbrIV9Z3wjNJYwMfKS55rG3yK1Tih5iM4xLI1BvkwKBuxse6M6-IzlkzX8-1fT6kUpMZ6bXO4J1Q9TVD9opKdrZ-kCFdAKIdz8dOj8Rdp3o6LFhAsdZn942wQEokOY6wLt2zApKR6Qox7ltOAqqK9irlKEVVbpKAL12ESTxuVPClTt6-K37I6c5gXrGys_-ZyMS_zgJ-4NUgWwkpbYLePmrkSlrTlUbrfgzMDQSE_9lyn8dpwCd6biUYebNHYjvHXxPbiKsSyUQQDony9xEQOfQkVaXZztpeg9q4Cf7XwGvVdEM7CayQ8aObzRjEgUxAw89YqTzscKz82eIEYTvhDXvSPlOh-2nLsxK3XWDA6qee7yADZoqR4Ua-NydUIE81w5a-O9i3&cid=CAASEuRoh-XempNKW1zbqo-WmtbuBg&rfl=1%2Chttps%253A%252F%252Fans-wer.com%252F%240
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9769ab6ce940ef81f427314fb44ce5ae80ba1efe11d94c70722d2165b55cf50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28070
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B7E 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AIq12Kfm4QBL3WeQitG24WN9zyZ7ayiAR7xN_QwXdPHoKD286Bhlk452VFBhN5A_tGticA1t-Ju5wY5olb8gDXFPZ06VeYlCw81c2dsHHEzMO1BZ4
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 0B7E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1337
x-xss-protection
0
server
cafe
etag
17605089983984592854
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:27:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0B7E 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Nov 2021 14:36:36 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 0B7E 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6461
x-xss-protection
0
server
cafe
etag
1157727964977547826
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:34:01 GMT
l
www.google.com/ads/measurement/ Frame 0B7E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR-5OUTo5UkmIt8_AGZEEeH22MNbzrcvx-3nrCZdKRRuk6x_IC0kJ591U0PftdMU5FSkQA_tkxNIXOdDwaEj41PlSt8kg
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
pixel
protected-by.clarium.io/ Frame 0B7E 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzIweDUw&v=5&s=v31fk54eucv&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxNzE2NTc1MDY5L0dTODZGTS9HUzg2Rk0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTMzMGU5NDcxLTVlMWItNDY1MC04MjVjLTIzNGE2ZWRjMmMwOCJ9fQ%3D%3D&sb=undefined&cb=7335561&h=ans-wer.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekl3ZURVdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiIzMjAiLCJoIjoiNTAifSwid3IiOjJ9
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.133.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-133-197.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:36 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
9604477995710886989
tpc.googlesyndication.com/simgad/ Frame 4810 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9604477995710886989
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9139caf5a699497154d3a233d16b3ca047ff93ecb446d1267fe661527bcc082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 03:14:30 GMT
x-content-type-options
nosniff
age
472926
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72643
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 15:40:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 05 Nov 2022 03:14:30 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4810 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 05:32:00 GMT
x-content-type-options
nosniff
server
cafe
age
32676
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 11 Nov 2021 05:32:00 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4810 		295 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 23:42:59 GMT
x-content-type-options
nosniff
server
cafe
age
53617
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 10 Nov 2021 23:42:59 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D824 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNVD70Zowrz_Uj5QumQlTvp1JMYTfmDiIRsgUG0zPTdaueASyuKP7qi7emAdu7GufF8UfFslY3mp5fqdXZ4GReh9jPTD2FQT_tUCgKcogwEbhO-cU35Ppft7DJqpe7sVd2oOZi6PizUjZwW67YoBE3wo8S1pf6wHlHoOV6h3-uoAh1hNBIA
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 10 Nov 2021 14:36:36 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 612D 		13 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BSQaK3EK2H-P9mZ9nJgvakTH4QkrLii8wrqihpMj6W81slHDgs1tKv3_PIBzRymh2NP3UageBZDUd_uZXbYOZAyp8MTR54NyKpNwibV0z6EKGPMgshw3XQKVv00SRjU13qBAz37CIgzhEX6HxTdsGN7P2IRA&dbm_d=AKAmf-CrdCttvcYu0VwIistdphm5KKWgLQYEBiT4_K8uHu0-ADaRnSyhIRBJZsQoEHLi3tPcbJet6zJxTTBrD6Q2iFy689hGTITbyDc2el9us3itVgNo68S0DmA64gznYClIp5OviWzMzga5aLGddIW8wjsoxWigOoOTr6dO1Jp77LjXkeRrxnVYCed8mDbHvwI0a9uck3DRNQl4fva2jVFSWjLP0d-usqZXFqseg1lERS607DDboeefT1tnmUfQSNulOW3MhOvGYmzuJKaEbKg8phHc8cYYXhZmpTP7vdoNJU8v5PI2PLbKpLwOGYxm8nWlpYNjLZ1MPkm5BqgpL36MimWt4KqOi0DHGX4OCzHw54-oOc8uwP_slL5Kn7WsTxvlVnmH_K5cFzt0X9G27oOfCAuC3gQtx2aCh97MVP-0NT7VcxbZkx_o6C6myZsaLWa27QosPlHFlu10IImEEkO4AYoYg0PSekmDTOtZ4JlIcdwpfUfW-iF9pSibU9nr8NhC-Zxz6_G4tXGE9axV0A8NZFWef4udKiFM53vqKxYcyDNRNXwgJKkKI8BX3jurOiAGyqZhchYIJ5muKvVJPhQ8CrzytN9WQmNlBHMsjXsCK_NRfsmD-T0vO_NwXDSLa3emMb5uOh0NkeiO95TdttM5fkhvR-gs3CkZfNjhUIgyfLj0kIH3JxD6Xnk0ILq5TPFAJweOfYQmouHE2-T6CbWOfbNZzFOul6cKL2WvS4YIxoFfW4qVwmQhK3-BOVbpR7YBlrMCn6BHJede0cGeQsmnWx3PmC8s0KLIT4Fic3cG7_w-bYAIVt2RkgHbZ6IRR3QJ4vA9cOznOYZ6TFMWAhUPmFULf7uAklcJ5S_X7NMohwA2CFPbMlY6N9AumTSU7QYDxXhmLya8IhdWy5YzDDUfS_ZvUsGIofNDPBJaVEUuc-sHK9OEYWUEM5nNvr07vrsw3kGsv40CGWqy77KZV8hJclsMd9PqWVOVg0LrwB0BzWvDsBr32le7MImsgEz3kCPIumYARVDKWTqEurShuBHuT9nxlO_PI0twIbYCFV_W582svQvSt2iAnWZCY0hftgpDxaOGAdmC2uihDwfMrbBjB37MBFHoouXb16p24aRT3mvrsXsqMh12HK86VO1gEjvNGu5tI9WNoeikN-8iMCKwd2GGkGAU7qhEqyG-IIC3V_NCdXtzKtcd2yG2pdtGs4tCwUC-9pLiR7dHWS8c58UDJtuWzvSMKgfJo9A0uhUfyjYsKkASseM3bzXYp_24y614B-TrpecuuF_t_lR1mT2iOLKCgWki8-n3rLM-2Q4NxCsGOe7qHUrx4TH-tyOT3mX3tMYZ20U3XQIF35AXiazmMSambuq7xCm1jksdhpDaQMUcEjZcgUxm8v97udzYH6j0Hf7eM4u1gsswJRULdBEIoA3X33GHSYC_LaXIvnVrANZhbN63xA2Xvat4gTjtgJB6LmC85JWidcT62_4wYkrBzIDUl40LjSYHh0PKTW_bmlEVnP5IvjiITqI0xTYQYmZ97tQ9WnWnDxcBp-gnp0RPUNdgFztmLkKChR2BGzIV-CaBcVeGnkSgJIVWNMvMlrzs_tk7NqPVjBNg0fA9GHEQnI0hWWR7xFzDFGBl9jlRKmcXB_mqGaK_odhCEHp_JVoFW58LwgFP-CbCa2BgcDtaN7sbPayw_-atYogSNwFmTZ7g8e7_5LCYK9537BzEtGER211b_EkqPlOZmdwPr6dIJh1jZkWTmIfHjFTNzSV7OQbPrLcGz5PpCp6Yd7Q7Y10EDd96kjimoxLyeGmvoQwTaXF6cpsq1FQhWk_M45porwKdaP0PND9WIy0u_xFMBv5ULkJg5N2yuT5N8Oa7_iazdYAMvp8FJeq3gSxhG4Wt-6wXGusik1F0RfmPNfZD9SOHExsUK1QRpWZb5CIXZsn-PFBaUq_Iv-PJqCsUq82xLse3xU-scdUJ8WsxxYflZy3TGVfsIlLOsdV8g9yMRKNN9q3vla1g3i1JHD_pEIV4mYJmHDcysIggt4stmCx44qRgzxIyQZ84rKePetMm9V6fdTuCw6TNKbehspqQhq_2sGqYEuSmPynEXLI976aeJ3OM-Ggfa9PGaO_9oA17mm2BZ_KUq2RqFEll4BRhu28Y_Yw0GRZA6-P4OTLTKIdbe_Hcsd9d_Goq8BzTsJLepNe_CEPJHW2TDMYcqYm8U6XPwzEF8Lb-NZmnLPDvz4NcXF8BFzM3xFyF0m1Ri-V_NU_dWLGqLr82VFXx501CXwfjtitNymV4UH8gukkN0QWQc87fZTPgbiKNH0O1i-SIPB4DI4cdAMoiH2VfY446w3TCJniYK6LAOvdR1g2jigKu68G7HjU-7u8AsEaI2vucBWJpqrZdg0wG3AvOC6H3fUnG-qJCh--3mWMHoVf5VeIMFixLTP8Y8JgQSd1mu-aMZSFAzzGBSHaAVggz96WgqfzoBwh9w8HmdPp7PeVkhYPeI9njibdaqgV2QUuQxoFstVr-u9KLLgOlOEqqXB40ywDqghMK6JyNoP7A3FZ6yhn7dWAUQzDa7EhFHC7lactT7snp9pKLtpBFUANiPTVbVxe95Gt4RSrL-YBQkWyIrCAaJbYN_H-jX2T87ycylO5jOC9qPRUyTtT1nHLd46ZBEowa9Znwoi7TiWz3ri8Utq2cOQ1Jfx1z-8F8&cid=CAASEuRoOuk-MBYoNRfpow7MzgQi_Q&rfl=1%2Chttps%253A%252F%252Fans-wer.com%252F%240
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e7b09c1f0d09db9568e26d519880c3c34f9a4a0932bc13a2471a05de53932e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9580
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 612D 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DvvimH2ZpRqSoUtPFniPRDeSigoc673TWqQrLdhyObhBuMjkoKgxsdIZGSzo2MRC-Rq3GT_EXmTbVqI0Mo-it32jPswvF9ZvaColLQqNeVFhIsQrs
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 612D 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26194978&plc=309762282&sid=5775970&dvregion=0&unit=300x250
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:26 GMT
Server
Microsoft-IIS/10.0
ETag
"60d09d781a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 612D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1337
x-xss-protection
0
server
cafe
etag
17605089983984592854
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:27:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 612D 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Nov 2021 14:36:36 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 612D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6461
x-xss-protection
0
server
cafe
etag
1157727964977547826
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:34:01 GMT
l
www.google.com/ads/measurement/ Frame 612D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRKyXquKksQXwq53pLGl8lU4WFZsVUduzljyYC2TUI2jjcJrgq_INM5_ouZyyH0peJwPp8RGVlBkvpd0wIcTwPGLBVq-g
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
pixel
protected-by.clarium.io/ Frame 612D 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzAweDI1MA==&v=5&s=v31fk54eufn&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxNzE2NTc1MDY5L0dTODZGTS9HUzg2Rk0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTMzMGU5NDcxLTVlMWItNDY1MC04MjVjLTIzNGE2ZWRjMmMwOC4yIn19&sb=undefined&cb=9905509&h=ans-wer.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.133.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-133-197.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:36 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2712710818169298&correlator=3137703672547216&output=ldjh&impl=fifs&eid=31063683%2C44754276&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=20842576%3A21716575069%2CGS86FM%2CGS86FM-DDR.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&prev_scp=pos%3D1%26monu%3D160x600_A1%26directDeals%3Dsticky_pillar%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26amznbid%3D2%26amznp%3D2%26tynt_pillar%3Dfalse%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D72511adca22d020e%3AT%3D1636554992%3AS%3DALNI_MZnx8v04FlhG3gNOyaqoVNu7SUcpg&bc=31&abxe=1&lmt=1636554996&dt=1636554996239&dlt=1636554991798&idt=1805&frm=20&biw=1600&bih=1200&oid=2&adxs=-300&adys=1194&adks=284499190&ucis=b&ifi=14&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=true&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
89207c9cb9b3e01b180ba19465edfb1f2dd8b49355b9714664bdefcd9bba027d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8652
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		13 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2712710818169298&correlator=3235865963673049&output=ldjh&impl=fifs&eid=31063683%2C44754276&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=20842576%3A21716575069%2CGS86FM%2CGS86FM-DDA.C&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=pos%3D3%26monu%3D728x90_B3%26directDeals%3Dsticky_bottom%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.17%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D72511adca22d020e%3AT%3D1636554992%3AS%3DALNI_MZnx8v04FlhG3gNOyaqoVNu7SUcpg&bc=31&abxe=1&lmt=1636554996&dt=1636554996251&dlt=1636554991798&idt=1805&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1194&adks=3673253304&ucis=c&ifi=15&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=true&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8fc2879c7fe4ececd774590427db68834aace545e957924f3f318a3430c695a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7980
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DF6B 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNWZuZ_6TghtnE04y8krUMf8FNR0ltZjZBCFwNG5w1MkhffqNaLb9xmmQM9Msg7m5yXugbKrLq9SAJFCm-N6DTxwALm9cPdMv3YwXyKPyh88892YzuHutdKQYu6dYcMs06QjaqfQtXE8t-Ov0LeKbV-02LzoPF7KalJSZJ7__t0B2r6jPGY
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 10 Nov 2021 14:36:36 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame FA06 		13 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bw9nI_jeUn3JFnX7uf_WkBqGeynGEPZV4JYB-OYcJaPJekM9WdGzXLVsMl7X_otm4XCpxOmtTnbCd36bySBvGzixYB9KT4XE-ivHRxXvUgIVNSYcpyuvIIXta7ZR0QhQ9CKmWAUN5ZnpRXbWzVMCC7YhU1bQ&dbm_d=AKAmf-CAdgXyncBa9P0UTIgZcH594wdG8EoLF7v4PMtI919KUz5SVmtOR2-O9qS77kQzoEfE02puC4_XbMf6k2AVvBiAPrhgGQ80EPnd0Jm8qaNcMDbCPeZLBZ9jOmhR8J5W6l38wFqQ2dPboMKSNbJKbwlcPcKzdopwDXN96JAXnRriSWgtrAbdcM7DOuI4_YQJ5GqHqc0eKMkcSVqJX8APuPlTs4jyQEemNWuJxfrT0lFIdQk8HO-oRlWu09SKEJ5AhEKpWpLuZY_LEb51YEIZE9K0TFojG43GsOVpGRYaUKyglRlS953m7VnYyWDKHnNmS_eI9VHHruU4vveL1kH8pmspu7tuot4nZ7x4b6JCK8UO9y8hohXj46FR2izkOC5ZEJoZ97j7pxOcbwtNVbwK_vPiloHp9PIYe3nG7dSMfyhRHlDYtax6YcqFkTGY-iFLfuxTfiQfu2SF0qhdLHUHXlbuIOOTQOiiMy99AFU-_963UnXBxtgBe2J7qlnAMje3B2dAEuhi0SMpAEon_qalOOS5kbLXN8D6mi63-C80ZfVjd0J62u91KfMGbGhO30Bv8KZ7szYJRcb7c8Lh17SCTCQ3Y9Cw2B1-lQbG66NBSkmQzzuYvfJ-rsRsQEZf_mzfCnfD03u038eZMd6wumX_t71QvqRaxg2JIcWisPMYD8jzrG_-xvWFMwlID33jLgYBRjs96WHMp5U-NlDaLeNdyb34ErqLBzwOOnHAzHW6ByqxXA3hUeR0mCJiC-MpCOVbCpGYj91kMgxxM58DipBPWwvOJEKqTh7rhfVy2ZLlqpwDKfba1cXPaZtbw2POB5xCDYXecjnQjXPtZPdCqRuaav85-yayjln-c4bNcNpiRgUuPR0vIuBpbHzeAiVM12RG9GgjpPKXvoQsCTUFir6R3BAKUNCaUsnHkUvTG8MY1CPDT10j9R9DW1aVLGnbXZ2ng2JMhhoNZO2j_faGNoYrJZ0J4AMcg78Xv9e614prW7txJQIie6lMd5OAVccxu8JN1lWuVhW3342LCtTEOPB2w9AjbaRxCGz3Ko2avj-pViCimRSb9pi_hkztk7dUyIF_CUiN9nnme73EQV8zxAfkKpLyhnTT5_ebPmcqHpkU967DfQdGKmLrFqDQSdEs3SaatVU24iF6tD39TFmgUycHyQw-udWFwpPUu4i6sRfTVtUFqOQE6A6XyHfoegrY00ZBm_XkZC6K1Auahegmn3juZB8Ls69ZVxlIgTxuLdsXhwFyEqyxah0c3xyRyv76_zfDIGpMgWHj1Kvj4kbNP-wJHBz_nU9VDKWzrrZmUZ2fy0Kt4j_cHgeZpWeJCxOqPA2lOXs5bC2CR4jm3-2pTgAnG_Akbu0Ds2czKFzXFlt3o15uU8mDhza1i1IJSyiTuAlBC7UpLNFHlXoNBmmMSrMyA4mhwuin_yfRUqch7M3RSqLwtXRGBqjAikVzggrHNtTVKz40nK1sdzkcEPelNQiFnGosBxaI571CZBUc5qkQNnAPE2dsRQG6FXuJF-z3N2TDiNR7S0v8wpoDAVtpsPdC4WvoakknnrK5zkurqDEARgt7xNdVwuG576bdQmaxSp4WyYeEWrnEZ2suyDIBBLut8NFM5cvjDjSPTnOGadygHLFpDCRVaKg4faFT4kfintvfGL9YZxFMo5_n5_-2eFDPM4NFFlHgKACUDHsLrLFj2vnj6cjeraJJ2JPRhULmW2TCyiCNH5jtF63x4uOFgXgWMGpo7qkIxN7DH_LRDECu3mv2Byfq1VGlZw_WiGF650yVuuftMAKdEIDzuO-xQpXeeaKHZLcI_23A_gQtO3Rjoc669JCeI9pI1jYDRTUVh6aKZ8-6SelmLPXudrkuKV2ptUWMBmcGBANaB2bzzkCcV2v98JiR_KzTmXshgEFDFQ1KflVQYSu65Hw19zWBvT0_YaNfC-goIZkc_fdFtZ8AQbq2Dlir0HpednU1wSf-i2AkrFmRGL9j5WqjX95JMhMiLeW1SH06k8rs9aILWBBYAX2Dr1tFJrPK0cnXDRvNbcX8xmRwDCk5f6N1QRhNulK83aZdLv4-Py2kRd4r5l4B0vUNLV-8Vk1oX8miBmxklvTP_Vr142nNBO1BclABicNAETBcLUbYB4BnRe8Arggg1UXu0dRgenBdKxEdyJFYaINrqjNEa2kPc1u7jVP29VddWUxBAKK--7KIqJwLpwzpJCMlmGiSWeDpNvlIne_qXpDPvlGVcyndow5FxGHYSrQK0rLtOC5AFMItbelAudgGoV6wLzNO3Upo7yKGBzWXbCiRxlzFoKCKFTQL57uhnO_KRFiq_84ADfhPqXtcd3_k8XXJfGm_pmP5J5n3shdURpjl-cg_b0hlHVVXNGuBrgh4h0oEPA2FinJYfZk2BVN8SE_L1WZUwtWAJcFJfEVrX532PtDIcsmvgu-w3lxt-18SALMimMNvshA9A2APhsQYU3S9X1BsYKm1gwnYN9OVmKrGAxITAu4wcvyfd-ZyVh7c8STrLwrd8T9UmwvxESH75P_f1ANgA9R-D48aGxsfvo9h0hda6FpwAL9DnrYMZNht3budAEGO3q5N5eMlZ0usH0buHSQ-Ojg4ESsjvITjIfrozJZYHvozjrjYd6QhEaQUX175WwEN6AEamE4nvP1c05knnrvnYZRatoRUzEa1_QBbiYIS01RK&cid=CAASEuRoTnyU6u6vW9-gDXy6orIW9Q&rfl=1%2Chttps%253A%252F%252Fans-wer.com%252F%240
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
970410d8ddba4d13d05a51c5a5cb1a2d3fa778cbc7e0f013d48ce6518f492f62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9545
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FA06 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AelMRNeMiqOnKbPRZPtyhuGr1JMt9jzvaY2t30bUM3wTP-ST7RZOcWuwlGczeKmJ92vqbHuvcXCLA0LOAFvpc79AlmLoTxfps_amupakD_ByvnPiU
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame FA06 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26194978&plc=309762282&sid=5775970&dvregion=0&unit=300x250
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:26 GMT
Server
Microsoft-IIS/10.0
ETag
"60d09d781a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame FA06 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1337
x-xss-protection
0
server
cafe
etag
17605089983984592854
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:27:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FA06 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Nov 2021 14:36:36 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame FA06 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6461
x-xss-protection
0
server
cafe
etag
1157727964977547826
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:34:01 GMT
l
www.google.com/ads/measurement/ Frame FA06 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ2QCAT9jDM-8tKdzviscvli6-OwKoVE5_k1bVtOi7-RZq6uglsy7ZcGyL663AqRya7PWGb9iy5tm8003sAl3m4GASLEw
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
pixel
protected-by.clarium.io/ Frame FA06 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzAweDI1MA==&v=5&s=v31fk54euif&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxNzE2NTc1MDY5L0dTODZGTS9HUzg2Rk0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTMzMGU5NDcxLTVlMWItNDY1MC04MjVjLTIzNGE2ZWRjMmMwOC4zIn19&sb=undefined&cb=3605172&h=ans-wer.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.133.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-133-197.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:36 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3551 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNVXcL192KDzdpp0JNAnv3q4DOvM5gDrc2rMbWK81g5y8XfFdueRK01o0m-T8VNkWb76M65tsMbHJGkw7D0M9xc19fXUlefkXj2JZXJg-0-qANjnGr7_OuXxAuyBajrWVolVAUp-0pBcLm_bFXcqyIZq43eXZM_TJYSb-JMLww0C7CxRJLA
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 10 Nov 2021 14:36:36 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 0B4F 		13 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BNK1eE8xLZSKaEQlz6RdDX2CWDpZ4rF4AlmMq8yoVH1gTxvpRpKtPHYi3l6KA2MpvEvwWx2OTfffw5GnIpuIDKLLUdg72aXE0YsfkZzUu2c4SFNkEttbsVCts5eeIafm5RnKGiY7SruHH2StfgquG_WLeWiA&dbm_d=AKAmf-AD94osah4cn3k4KQXcOLDJsIKBR4uMgQYnI9NFZrMH8_wZ1_P8Bht4GJD-420nqJAHPjAYMwv8BvB8ezCtbSTO-HiZAigtgQxavdkkflPf1wZa_bp4CbcOp0rcNXEx0Ll3J1dg3QP-Cv_si4hIiuXwZyzO_vtUb4yRoz7ESuQFNGQIqtRjaEv8UDdoMPw3w309XCsllwUkmRf-O8vBLyHFVNoVM19sSAmxJa_HubKcghuj_sGYb9k7im09QmREjuYEgLylFPBk3SCChlgnuLjo7RJOEy0NFVs-wCgdH-AllGU79-_ht0J5fg00DB_oyOFVzdR6VeZ97F3sXlsWuwQCzsGDL1aRM208c_AbliulSOeQLBjmBXFd-6xgngdjILSduvF10_uZkwRY081ql-QHuk7BLHxW5feELC58flH8tlXCWVxAjm20Z-MHwSSWCrs9VVKrAYMLAaIIihbAJaX3eajIvtTFvpOabR721QEEJjw3FFevpreL33MjGJPZvDs2y8kcOhlMfSx-cwLCbFJn9_tJRzsbAieXnwEED1eP1m3EHTFpGfpUeXuujPBtILKp0rsC0azNmG9avBvcyXPC3oR0pco9sY2BSqE9fPQeqGoZVGUP9UaXROozqraFBYJPuUXZlfAwKqIZfA5ngsvTjl0SIpiNRjQ7fQF83ZuOV2W_rRQWB6sAP63JbOojwANhMCyX8j4iqiIFgXUxXI1b4Y-7pzUS8XzBHeVATsuuw8r9Gm6Fega8r0q3PLklinz5rUu5UN0ky352hxU_wf_cTIhtQSiC_vStLuJ5H9G-uc8qeK31Io4ATmFMhpgKCD-8W47qHLuKvErc7h6fbjFMZY-oWUWNkvilBMlNzJBNqV5gwP_8cDfBPelarOTZX8iKKQJGzsgL9UlgNHLfVfxUPAVEFHy1_5ALMzincPDKlVdDoq-CocrftFZc_VavEPikq3kivkfZVtalhSYZR64xrVElRcdY-3BmOrXwV_VEH1nGQ7FU2I8QCeIkAkMDKLv0tem5sQ9V1CQpcrgBz-KVTbRBsnVMNIDZxeoVMgl7lQGODhhzBwlKXg_4DtmaqBHklm6giexCd83cXAr0OiRR09sPYcfYl0EAlSCRvQOtYz6XVQ1TBp4YMBJJysClQI-pquX84w-93EJC1YoDt5QpM8LLiagaxkfbJE9zYEiFbADuc8XqeP91L4umw0fecCw8YuacWeLn1vlQPzB5Wv2bJzl7reaUYTVvZlKBeO0Dta5q2M6irh9-1FzX6VUt2THchtXVmDtAZJueGsmC4AoFaKj4IMj5j7F3GysNZ0UtZOGyxSXU6bNOGIBgOZbjJakPXe3-HUnVE9pvuKt01y-pAxIdn1TP5J16n3Ka26iPpjcIW4zQ61_R3Vm-duGOSk7GO3RnDpGXhNRs-YSSp3sQaKg3OP0YTuVdq2ni6Yiqb8QwdRVsKb74HAYIByGEn89iyLZwrUjAZcuccAL72jKSLLe92_pX3eJC_uiwb85JIfbhSdjegqjiB-d_eaAIj6B2trpyZNyKdicKIBC_KKGECeo8Qx9yk8C053hbOhTzqe_0JEXZCr6TIKsGnme1W4ztGpHiiV9SxxKFkWBZonyjrjBCOpofWT131xFOTSU61BQUm8c8wYSwnrJW8w2PQpak0or2ibZXXpi_nPLEKR8Yq26vM5KkZTpEtJ1GRaw2dMmjQpjK1BdSjR1S39oe7EHz5BIETHEz2wFiufDt4Tb9O113TEbS9oU-97vYBRUPDCQZBSowhV4Crtr_tELPsxKZvB6XUhYfVEc2rIQuY66VhPw8mqazexU6TAbh9GLLd2gRyGVoF8ZBsJzcHjDLzaHB7O22oiDD6UzPgmEBY6d3o3d1oNQdgmGT7p2YLm8uns0RFuU3rc7qqV5Iu6H1X1VOP1WBMoH7m2TT5UvaLUB11IkvIFTuPToEWFjuKPtwX5Y42WSJyUmJ0ujHbfuZhikE3RJoL6SCKwEGf9q_HIs-JtSHxEikJSFlGiDbO-qFEvMjf24eIOhK5df0Cut8enjzvc_NvRbje-jZspYevUaAdyVLTydAlp4ZL7t-oNVwit2-_lf4IQQDX9KBIMqL84RGkQG95fN4dPjC_TcwsRaB5fYt6uMy81tEdz5_GtLCUPSHqCJmF8Vd3Q9MoQmpQdHEC5DT20nmAKCoAYs6vrW2pNNaKuGmIHoPC0ApaW5Zj0YeantrmMrhZkwNHW06m_pyvPnEFq3IAqmxSiDQJ0c2YVexEkBMUi8kHSr6YsKq5G1XNBUB8OArmjs0fzXqBSn3jmuSL8yGRIIZPCdvDW0l5hYDMxRS3QOlUUchXTcqx3Y47zcadrnkOHtH1PoGf1nzNYOx-ixs-75vih4iStt9oGsDXBCkIUcOe_lrH0NYH0Q9X1zCRjxsBZyEfv7kkrJVpsUZ8A1ltnwWhhavrqSIZN7NdGGgAcB7tZytqDI2yxXXHRcIw_dk20uRr6nYPwArBpMchVNU0Z6FGpHqtQt5dRi62NILqSGCnSWs56t851PS1aNDJeu_DxQsKpGJdM_F9nbAP_UT_OoTR0p8mrgwXad1KblqBH3uvM25ZzZUtMeRyZEeSG6qRIAGa_q6SK06NIlmQ7Pdu4HOvtX2FFs8y-oK582tm_mG3cEYx8XArVOnmL7UDguDkdzUJbLePE6DPaWn&cid=CAASEuRoXaQakTbnhYOfO4s2C6Q28g&rfl=1%2Chttps%253A%252F%252Fans-wer.com%252F%240
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4acba05a8c466651168c751bacc556a5243021edef99d7e0ed2f143df1d11bb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9619
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B4F 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dku7aAlTV6eZFPkmCHrbsjmuy1usTcjWVasiaV0ru8ihkZ08OaUhc1uWDWYWvGZjagISqU2WmBRx0yEhYJ_oOGLLZm6pK9Sfi1t55VzoC4gG2dadQ
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 0B4F 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26194978&plc=309762282&sid=5775970&dvregion=0&unit=300x250
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:26 GMT
Server
Microsoft-IIS/10.0
ETag
"60d09d781a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 0B4F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1337
x-xss-protection
0
server
cafe
etag
17605089983984592854
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:27:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0B4F 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Nov 2021 14:36:36 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 0B4F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6461
x-xss-protection
0
server
cafe
etag
1157727964977547826
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:34:01 GMT
l
www.google.com/ads/measurement/ Frame 0B4F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_HEFd7xcjCQ9vL00uRI54LjLzwCBM7cnIools-x2NBo-n4aCquSuNOKp-f-oxeL08CuP4l61DPhp-VTv37WOiYdWYRQ
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
pixel
protected-by.clarium.io/ Frame 0B4F 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzAweDI1MA==&v=5&s=v31fk54euki&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxNzE2NTc1MDY5L0dTODZGTS9HUzg2Rk0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTMzMGU5NDcxLTVlMWItNDY1MC04MjVjLTIzNGE2ZWRjMmMwOC40In19&sb=undefined&cb=2091149&h=ans-wer.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.133.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-133-197.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:36 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
container.html
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 622E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 10 Nov 2021 14:36:35 GMT
expires
Thu, 10 Nov 2022 14:36:35 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=a.e&u=mmt-d8b1bd4a-b072-4974-8f17-086ac3117e3f&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22hard%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.15%22%2C%22refreshCount%22%3A0%2C%22hb_bidder%22%3A%22appnexusAst%22%2C%22monu_df%22%3A%220.15%22%2C%22ipin%22%3A%22GS86FM-DDT.D%22%2C%22auctionId%22%3A%22e064fec2-7ea6-4ddf-99c8-b55ff4078454%22%2C%22isBackfill%22%3Atrue%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A28192296%2C%22sourceAgnosticLineItemId%22%3A4761666171%2C%22bidders%22%3A%5B%7B%22bidder%22%3A%22appnexusAst%22%2C%22cpm%22%3A0.158449%2C%22size%22%3A%22300x600%22%2C%22timeToRespond%22%3A165%7D%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2Farazou-baker-cinderella-role-and-instagram%22%2C%22referer%22%3A%22%22%7D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1681
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
container.html
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B81B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 10 Nov 2021 14:36:35 GMT
expires
Thu, 10 Nov 2022 14:36:35 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=a.e&u=mmt-330e9471-5e1b-4650-825c-234a6edc2c08.6&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22hard%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.17%22%2C%22refreshCount%22%3A0%2C%22hb_bidder%22%3A%22%22%2C%22monu_df%22%3A%22%22%2C%22ipin%22%3A%22GS86FM-DDI.A%22%2C%22isBackfill%22%3Atrue%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A28192296%2C%22sourceAgnosticLineItemId%22%3A4761908843%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2Farazou-baker-cinderella-role-and-instagram%22%2C%22referer%22%3A%22%22%7D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1681
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
container.html
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 428B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 10 Nov 2021 14:36:35 GMT
expires
Thu, 10 Nov 2022 14:36:35 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=a.e&u=mmt-330e9471-5e1b-4650-825c-234a6edc2c08.7&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22hard%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.17%22%2C%22refreshCount%22%3A0%2C%22hb_bidder%22%3A%22%22%2C%22monu_df%22%3A%22%22%2C%22ipin%22%3A%22GS86FM-DDI.A%22%2C%22isBackfill%22%3Atrue%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A28192296%2C%22sourceAgnosticLineItemId%22%3A4761663483%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2Farazou-baker-cinderella-role-and-instagram%22%2C%22referer%22%3A%22%22%7D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1681
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
container.html
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 93C6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 10 Nov 2021 14:36:35 GMT
expires
Thu, 10 Nov 2022 14:36:35 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=a.e&u=mmt-05200a9e-ccdd-448e-94fd-9ec5141ce8b0&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22hard%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.15%22%2C%22refreshCount%22%3A0%2C%22hb_bidder%22%3A%22%22%2C%22monu_df%22%3A%22%22%2C%22ipin%22%3A%22GS86FM-DDP.B%22%2C%22isBackfill%22%3Atrue%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A28192296%2C%22sourceAgnosticLineItemId%22%3A4761663483%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2Farazou-baker-cinderella-role-and-instagram%22%2C%22referer%22%3A%22%22%7D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1681
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvZTBkYzJhZWNiOWFlOWMxY...
s-img.mgid.com/g/10881024/492x277/-/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10881024/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvZTBkYzJhZWNiOWFlOWMxYTY0N2JiYTU5YjFiMTc4YjIuanBlZw.webp?v=1636554995-Ok8XXbczYkclxrGNfvVW1A6ijUglIPtFHR4eZAD0l-I
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7e02db8d62e3ff306d0607d2341d9b348583b24e4a65fa8c6b41c055816416f

Request headers

Referer
https://ans-wer.com/
Origin
https://ans-wer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Oct 2021 13:46:59 GMT
x-mg-request-uuid
76d23b65-f4e5-4775-a779-21d78bf44a9d
age
244682
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ac0039ae93705ed-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
33936
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvZTBkYzJhZWNiOWFlOWMxY...
s-img.mgid.com/g/10839610/492x277/-/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10839610/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvZTBkYzJhZWNiOWFlOWMxYTY0N2JiYTU5YjFiMTc4YjIuanBlZw.webp?v=1636554995-Fs7AIgE0AHChsC0Qed0lWyeBAxNxiO4Tv5_qgDxEJDY
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7e02db8d62e3ff306d0607d2341d9b348583b24e4a65fa8c6b41c055816416f

Request headers

Referer
https://ans-wer.com/
Origin
https://ans-wer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 16:30:05 GMT
x-mg-request-uuid
0376d1fd-52b3-460b-aefb-12127ee304d1
age
227431
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ac0039ae93b05ed-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
33936
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzUxOTViNGE0Zjg1NmI3ZDczNGUxZTg0MGY2NzI5NDdiLmpwZWc.webp
s-img.mgid.com/g/8052393/492x277/0x20x598x398/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8052393/492x277/0x20x598x398/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzUxOTViNGE0Zjg1NmI3ZDczNGUxZTg0MGY2NzI5NDdiLmpwZWc.webp?v=1636554995-QDliInaI_mtgm88Xho_LChOC71vzVlJWvxyenjJyW18
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
046ad44961dd3c757f140b3b5b62d716e7f5b0c9c82c5cd638f4e9ba888f90d8

Request headers

Referer
https://ans-wer.com/
Origin
https://ans-wer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:36 GMT
x-mg-request-uuid
71ae3ea5-60f3-4823-90c8-946cad1accd5
age
1043177
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ac0039ae93d05ed-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24380
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2FkNDhhYzU0NzFhZmNiNTE5MDMyZTc0MTJiYmY0YzEwLmpwZWc.webp
s-img.mgid.com/g/3882295/492x277/110x0x1015x676/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3882295/492x277/110x0x1015x676/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2FkNDhhYzU0NzFhZmNiNTE5MDMyZTc0MTJiYmY0YzEwLmpwZWc.webp?v=1636554995-x9l8OxMhCa3UkupypcWWj7iWgqSu4301_igq_H-AYCg
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
273a3ca8f48cad1e6de62434a1c4cd36d39bcec424f21105f23d42cab1a4850f

Request headers

Referer
https://ans-wer.com/
Origin
https://ans-wer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:27:14 GMT
x-mg-request-uuid
73aa6d92-a641-4d32-9f43-abfaf5f29fe0
age
19929
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ac0039ae93f05ed-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14804
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfMzc5LHlfMTI4L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA4LzEwMTkyNC85YWNjY...
s-img.mgid.com/g/10839628/492x277/-/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10839628/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfMzc5LHlfMTI4L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA4LzEwMTkyNC85YWNjYjNiYjRkMGM0ZjJiZDM0ODU4NTRjNGMzMmZlMC5qcGVn.webp?v=1636554995-ujdwOk7l-u2OmPkNM3tRzw0By8C-S4S62PR5BdWjzLw
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e97d248e9126a7a1670aead197ddaf9333333d502a99c752be5482bc53b07c3e

Request headers

Referer
https://ans-wer.com/
Origin
https://ans-wer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 16:27:41 GMT
x-mg-request-uuid
bf6c8c8a-14e7-4cc9-80ef-1278f66464a0
age
2620090
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ac0039ae94105ed-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20396
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc.webp
s-img.mgid.com/g/3859212/492x277/0x0x1001x667/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3859212/492x277/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc.webp?v=1636554995-u8ttEJd1ACNhE5_E8AMyxMoaBh_2XDRl-Hvk27Um7Ig
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
075d8a746e000aa5e5473f0f6603aa02f92da4f0fce02a821c12eec05f742a9c

Request headers

Referer
https://ans-wer.com/
Origin
https://ans-wer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:39 GMT
x-mg-request-uuid
06a29c77-1428-4874-b658-fa5c46bbd56a
age
491767
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ac0039ae94205ed-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
31330
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU.webp
s-img.mgid.com/g/3805584/492x277/0x164x2046x1364/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805584/492x277/0x164x2046x1364/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU.webp?v=1636554995-HzAdbK6wmT8NWigmNoumRenWVjxELFrdGd-2o2i4YNg
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5da2be1a1b3874ae2cb01caec2d7853fb3f40fbf17ba2d7c0b47193111ea9ba8

Request headers

Referer
https://ans-wer.com/
Origin
https://ans-wer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:36 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:06 GMT
x-mg-request-uuid
b71475c9-f838-4a2a-8ce5-2522aef1ecb5
age
87909
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ac0039b29722b29-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7504
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzQ4OGE2ZmQwOWE1MWNjNzViM2I5MzAzMDZiNTQ5ODRkLmpwZWc.webp
s-img.mgid.com/g/3944300/492x277/0x0x900x600/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3944300/492x277/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzQ4OGE2ZmQwOWE1MWNjNzViM2I5MzAzMDZiNTQ5ODRkLmpwZWc.webp?v=1636554995-fHTi0Vzo8I8967h91JIs3etqJWRgqQ0N3uWc8ANx_1M
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93c8a0be2359ecee88fcf23fe2e94be731316da8f49701544ed3f72b3daa1142

Request headers

Referer
https://ans-wer.com/
Origin
https://ans-wer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:37 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:23 GMT
x-mg-request-uuid
a9aa3453-3ca2-4e38-8936-6fc114c3ea3c
age
1023378
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ac0039b29712b29-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12144
server
cloudflare
sium
ih.adscale.de/ Frame 0D75 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.169.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-169-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Wed, 10 Nov 2021 14:36:36 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame 0B7E 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b0a1683702d854c16cffb91d10f500cf10018eacf0c2b4c939293dea961e1f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
387
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9506
x-xss-protection
0
server
cafe
etag
11173536317444432557
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:30:09 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/ Frame 0B7E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/omrhp.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:32:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
235
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:32:41 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0B7E 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv2JXNv9s70HVLoEcJIWRIMksTMltb4shajoSrZHr1deENxqUEPR3SOYVrY2qi5B-neeM7OxmyMjYJ_HfoENPmVtyUQMvag30uQmF9jgy9qzcMXIxr7I6i4OVkJiCznwQEAwzzi8hwmPHksPmNQmeEdznQ1EAQVbjCUaDEkq05CzhZWSix515csbt90KY1o2s8zYmmLW2UEGbXbvFqGzDHL1QP5LSSZVha-wD3T4nFaUn1rY8ltZs1baGHSLpMOzF71vl9X_cfbSZSOEBvzjhmF7K3V2fIyqAWicVL1oZ86lEqUUpRz5sLdwdHVfEeTYkWwo86J4YuRYxeCD1rp16Q5OdySuLG9bZ7v3FUuzCe_2LD4J7eRSjkytXKYDv4eV4xe_AzBIbUDmXA6Wyo7os585IfwP4uPtIOCZlQPikQv-MczqBGkwy0wtQ5dSncFHCoHowJN-qAotc9MYBsmjgy3Wi4SU4E2uzRbUROvVYtOrYR0JouogaZBLLcNU77B9034vlkxnsd1aEgzlIzigPnHPOok0RCHLxrVGIaL1YnwRV1vKGT_ddmX9-9mTYJC79MrhhWpXxk8i0dQYWAbP1u285rtwE39kLtlRZNIwMkIyLvxDL5p_i_O6Dgf-ZfJE8h6YEA9EiDjiKHq8fhPNJHGpynLU6wuTo6yUgrDUURYVpi4G9UxTv0TFaL9WvZNP8BOj4sgeDGveMqu0MZAgAKcyQFl9Ssy9jJD3OPIevEpgLuSKgLZN80GcpAmhwjz2zIKI10Ta7dTmkguSkLRukkz_8cQ4SVv3Tzk9tDJQxwfM0X6c9hb0DQfdcqg2LvdMw35ODioWulS4FQC9Cs4XBohj2-7qyUUARAiKdUAL-UBzC10h2t2qTuhsdJbkVGC4VvIAGTlYnNRa_hbREqB71RSGke9qfCo3kYkbr5dkzn4LveV9ujnhWaIl8qRwYl_UV18u-EV4D7q_VO-6Kz78AxBAt81OUkmP00nEfeTxSlqN8xImpPqRlKZy7pq_L2-yVQjlrCo6YLLPdVuA0cySH-0pDVykjrCdv5L7woy2dFruBU81Kt-_9sLocnZZiGyyVS1w2cBLLOFE9wbwDE-iqAqYonPW6jDETL6b_XPrI_iWrC1tuUWk2Fc2Tifp6NaQK7ZS2vqXAzKI27tLxr521GeoNTV6BjLgtmuls0w1TzUDbwWnMDXkMd5I207dG3kAXMW8Yxk8fX8xX1438m3ueC2GZvFAQ&sai=AMfl-YTi3ddwMCeyS7cfBH_PF9z3iAXkCSsSA9b8GbVLR3L7OOyFzIrDCgF5N_40PjuiPF0aKOrwsBYnbwur_2ZW2WHsFtEb5Eihkev7ggjMp5v7HlWjL9BNuFXrgQZLYpgVuLl49ScHJqC9SDvu1yK28bPL3CSNbA&sig=Cg0ArKJSzHWA-7pcoVASEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211108.44925&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-De5g_B8gHEDR7f1tveQphGs2bZkwFNY0iZZfQyt0q4jCuMxyoZZYNjtYoFRp8qKp-KrksVUPANjugvobC8tvBCM7a125zasccrHwCOUXw9YYia2a1S-xYSlOmr6xF0bHS4lEPWJ2vf14VklzL0zZJVlikC5A&dbm_d=AKAmf-AVJaUy1kjAIwxMH1RSs5asaSksQKIr1Z2yFoIR_sawq4YN6kdcTMpJ1Slv5nHiT791oZZ49_BBMK4LMUEvsCbxkzAffJG7bszrX--pkHL7UDPNxChOxp6GxIMIc-4kQUuOLgJE_pNR-rNg6cXtc0ozzwb35Oagb-qhuOcbNv69RcQBzSwNHBJBsYLqwLgW--VTHbJHviokiQ2hAFwbiflwDq7v_MAKgujF8qlfdwpsyJH_7mNhvWTiStPX194CzP8wbc3FPD7FLoXhks9otv00bf1hwTlnNjAHPXnjMGfP7Hm29pNtC2Gt6kV0o5BasxT8u9XbQ7EKutcXxFz3xyh8yIH5CJK6siYSVS378DgHzHTL0WW2OTnYEncHaSNt36alZvO3BlyqtnFkVPwtEdiDl7l7PA4P1rmddY9ZI7mOIIZvaRK8WbeShVeI2d7QGsonKoM3cnazlSk4buholFcyArK-6O-89D1Z_fSkUjrlyAYK9Qcnpv88IRjs2RB10qk_pW1kYCdpYx3wwA5iJmmKhg6QEP0gUF3dl9tQRNyqEJatcSDfVOFwyrTg3fLdk4qUIggpGu59vHw1GRjJnpMIVI0Gwy3-OxlF4YQANQO7h10XeOh0wESM1mpZpxCpvg4br1evvcw7w_wK7kye9qcNIelOXV_7Phf0RQxs7d7z1vrVvJejflyR3HvZ8lvS9sMipw3dhjLyloxvAyt8-T1pS4hfvxnfubJqe1VmU9c_SPo5aDTv0XyS2VR5s5Qra8Knghi6UhRB2wm4pNJkz8-sglhHZqrN_z-mPwyREk3K6j5XVBVYbJlrPFCfTbO9Ia3XS5acVqgLt-DTXmRwhwer1YGRsSV_ht26E4NtvRPJtpOI2N6QU1f0EAU9sZOjxnQGEovFSii1_zdGJovOvT9vAIjSJXjcBuMmqPbyB3bMPxcFxw_DyGKgVpohFB5gaDFE92yRHrMQWUut0IjFK1eRQr6sGUaBHz6I0kgdPXgHpGeMKFRWd-95z_cgNk8F0CFKb672UV02SufgtAd6eEAMrETBRXz_W9YK0n24wQFfEbCtqEOwztJxudfUXUhXTAa3QD17dXSp1gRPw9XV9uIE8CE90PG8QMkCEoUGZOcS_B-IGCSnXEa0mIZntdLLwl7v396VgkyQapNPE3BY8RNUe1nbbyHnbxDsfQP8Ol_wZE6aFyynZmG0BgB-0Kt2TRQcRUr1CVnQ3DqNEu8c2d7tP6BFBMrIwLcV4AgHdHU8Bz0wyVozjvSvu8siePLOBAmbyI8KFxCWEBA5hG3JT7oN4iVbkyIn3vTIuJQCnfRMClLkHEyG4r_casM7xn0l6yf-5R4UuQEKW07VgQyBEzXf10_X80PEYkmJ5GR2jXfkJlFPMa_-Y80232D8PlGNijgydYCmDIQP9eXC-N789XBPc7kE88zKJPeGddXNbKVjlHkIUZc58n4smvuCwkO2S5w6ixtqgw6aWUieVvDbhh2xyOrwARYJz6m3Y6xIAbAczvXxXH8EIbK4PXsnnVm9f8ol8vj5EQ6_BqXM76ceyzjcgpTzzjgCvTkd6VGL0AftQ6PVu14txh6cAgkFVZU7IMoFn5rTooxWy_gcGReEGv3_7GjOjYLWRo2q3w7egq-HNLPihU8OMBOpqfyAL92JWSZrJVH7XOy2g7__WPBgeFET8LQ6-sof3VpyyOGtiZB14tAjtmWn6TLmRuvb8PWLj-zwwgOW-G7RVHNM4BzU-kwvexkOflcgJbroxvSYaPJ1hXatdHLu2F2rTbEBc8Th9rp0cEUnhb7ieo94grzaXUVm3b_isP6tjFYp65Y6Sj3x7wXIHEI0oN-GAiJ0qyaPWq0x_tU2TLadI60tuk2VIxPCWXEp4kFJA_-OofzG5vejqrw7YEfmgqcy7rgwES5aljwZSVOvMIw5651btLgsphQMvASX8JNhTlpDGZN43lnHcRX1ye5DfCMpYWfNh7VEboPzhEYs0N8Cs_Vp-vC2MycCAf0qR_9XeCsicqYxgJqX-PZuDCHiZqZrwRZOZp3TNDYfKhOLF1zdVS6T-Cs7Dujt-z1o2A_PyvZAprDYEp1T98W8jkeIaQ3_BYbpYk-ovYfPjU33v6MMacZOY3D9Uao8ZcuHWaMCOl_p_68s4TJfI8qYh0So-jWJHku9BQeU1KxD9VCjWM6w45SnCWiI3HFljuF-H_cbXLTnBcEgIhP82pITa-MY5YPeqLv6b-BNwmPAQ6UrHNbKRVrUOk9SW6JsEO2iVcizqGWi8QMLX_dtSMtMPQxnWMar7kv5rxzspiHNwSIUKozqXNS9R4soMCVuottBYDcMp0s7Tc7D8i3gANCCQYF7Jx1qzqeTCJ7dbgRgJWorONZsJB14mQ4Hrj4kztoS8Vr-UnjNdByhD0vFt_fB4pkc9dJgQpSz4j4EInolJGSG4diZ5V2dzltovioIeChlfVP55slkWwb6fhQfPUB7x8n19lHpUBpx36PRBMzsQD-jGXm7TfgtfZKoJCYIbK20Dnb14GLnj1ElFQXYpcQznM9J5Bwhx0UzO7Okwx0NS6DIgccrdjHaIecRdNqK7ir-V0Ou60x7XCuUlxVppXpteP3tuNbrAJk-4t59jbrIV9Z3wjNJYwMfKS55rG3yK1Tih5iM4xLI1BvkwKBuxse6M6-IzlkzX8-1fT6kUpMZ6bXO4J1Q9TVD9opKdrZ-kCFdAKIdz8dOj8Rdp3o6LFhAsdZn942wQEokOY6wLt2zApKR6Qox7ltOAqqK9irlKEVVbpKAL12ESTxuVPClTt6-K37I6c5gXrGys_-ZyMS_zgJ-4NUgWwkpbYLePmrkSlrTlUbrfgzMDQSE_9lyn8dpwCd6biUYebNHYjvHXxPbiKsSyUQQDony9xEQOfQkVaXZztpeg9q4Cf7XwGvVdEM7CayQ8aObzRjEgUxAw89YqTzscKz82eIEYTvhDXvSPlOh-2nLsxK3XWDA6qee7yADZoqR4Ua-NydUIE81w5a-O9i3&cid=CAASEuRoh-XempNKW1zbqo-WmtbuBg&rfl=1%2Chttps%253A%252F%252Fans-wer.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 10 Nov 2021 14:36:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0B7E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 00:41:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50119
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 10 Nov 2022 00:41:17 GMT
03102021-062010739-de-banner-BEV-MY22-2-320x50.jpg
s0.2mdn.net/9951322/ Frame 0B7E 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9951322/03102021-062010739-de-banner-BEV-MY22-2-320x50.jpg
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
175755704c657fb6886bf7cf9e86e31b827c2bc2e71a1730fbb492f1f4868cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 11:17:00 GMT
x-content-type-options
nosniff
age
11976
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16283
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:20:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Nov 2021 11:17:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F808 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhij186fATAB&v=APEucNWDpGG3mrUUDKCU9fsk-5YnUa0QDieguqYvP7H9P1b2mzkd9sdX4utwzlybJhuZNRQsDbXQElZbWF4GfmYtqJq8UBtI4h-83JEhkNl-zVs2qdk1CR7ONX5fD_boSks4QyqLEkwaKKSv3hCoI_pLDdH_D2MhqxAzxuITyg1am96S1xrI3ic
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 10 Nov 2021 14:36:37 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 53C6 		54 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKGz6gqyzDA-4wV0ixGumEtUIVMJM1zsBosre4B0kOroUMhTvYR6Rf9R9tflSZi-cIbIsvLu_MXFEobcMhxxj72daxjJF9FcjmUaWZWL8ld2JE9V4zVWQ0iqwbWeRZKGZc47J2bCCfYosC96zYd5Qy30waoA&dbm_d=AKAmf-BYKifScTRinWecZwgeTtJVgv3lffUUBq7JX-9vgPcHaUzSwaC5A74fPUIwZVjC9fbldGZfiVDiQ4o9nDWD1p7tEEQdl647KN6Dnc6KyMz5u1CZATnBb7X1ed3JDzNOTLa8wokSrapuzwo0KnKjgT8a4ls6K_d4_BDfIJfB7A4R2ogkqSwYdW3gRFLyfmJjMVEJdeY-Huadyxb1spAdsJmg-OxRVxGkSesLaTd_CDKwICNldMCCqXB2OYLBh4QCs6ZZJuDyR6ZLidzPfpin70RDFuHkMyHax1GQsCo4U4cYdGzC-uaP-9XndVcLUXVXIPJDqKjr0B1oY3mx9kIKWmlzihBZxpfThGDb000ZILk1i1DjcgWm1uF6kYNZpgtVM1pieWkjghlqn2jwiiorQnUed_olC17sfsjvTNybL_GGDKDkwbI8R0tLnopBvUoJmx8eKgQR8pQ9CSMahJ_3JBdjTRdbM6JqvKQdX5MZfJWU-EHrMKMfjxaGMtGpouV4EdqclAeDyvZx5OC_1Hr9HOO8TOSgnB5F_hQEf_8NBTgOkSIxOR4I5Uqa2-jfL2GV-69AKY3qdZ4aZO0AvKa1Bn9TwvHKFYt4JdBR23UojmUyDyiqIY9nYwhp9WP7RQLna8XsDJzXu2WOSj_pE6LUyXX5T2I7tFr15Rz1qCoT8POkK7HscVQhwf1Ohuzr6ju8B-A1PnXu3TnfMR2A9UGUfBKW3qXHl91e-aF-AoN4juqyaTEzzUyahmcXAmQYd_nv3qwyNUCqjzXt-y22XIh16xy1HpiigzTmEEkf7YSylF527rQDqZVrdBlpKialRgoUpu4Vhn-gqcyBLc4ShC0AEbivXUjunfPhflEKh5FlK1Tn37oeD53DXaUfdfthQ-2Nhhpp7ITwN_TPzMvUzPusROE8q_l1QzFpiFN_Yq2RwR0bKvv98Akrjjg5VT8sQfsyzdu5OxjT73PG4GL-xFdMhnO0yIeL8EficKuvVDIbOguwJ7WJzNnyIR3HcZiSXCjFfJw9A80vhXMLK522jv9x8W3WYFKc22nJCDqOTq7-0nOSg4988P70yDjF7aKbFjqoTg4WTAFJi0rAGemAI7eBrc6RrPAKBvtFNnWQeBtraHjsFfyJn3b-nO7DPd-rG5W_D9GSUtHo8gLfdOYWnmGd-pSmsJZQK5pjKnvyhr2Ekml8IqlhDDxR8ikONskm1gW3LUTZOpcqIG08USFz9jolBy1mqWM-EO2FojgpENxfcAyWR5zjzi75iSNpUxLRp05vnCl2Yp3XLQ9g_kHNAnEKgvgrDSu62Htp-NS99U1my7CCcUMHzD825-LLuAJQyTuiGYeSbuMYymHxBO_Jf0riC5XMnyulAStEJNfcAXT9f8XbbtGbliH3COugxwb5JQxbxQ7xHRE99dc8iYBtd6i3m1ivOP3t6_j5T4iiZDuR0mYlNrjDPQ99EqUj9curTi4ih0aJvraDtbzSvAhKmjNghaH8OZ4pXBMtX53UNGKWq-4DTIo4o2uRs_ZzDcFhhoaxCzKIiiC3_j4S89nNhuitkm54nxo_eXQTM8-yz9iJIWCP1AryQBchmLydgNiVA9twAwEip2M5b8-VFZFNwDSBtGcaboMxJJzPj2U9ot_a_VL-ZFn8FZHlH_2RqE1J2RkEuM9DluyyMBGSPOv-1Y1HgC3vfgp7_-y60eRG6wTjd9IqUKkxJcH6fI_PlijPgjfyiorvWSFDiCTNR3K39eEQ-8nZLieNhTePQMTqcnluVCIccnHelZ_AaLePKC8-LlSgxYYwT6LA5GrRg5MUwLAEFn7lrgXENVoB5NY1ti5QegE2XlehbHIO3kg2LYsM0836TQbvfqgnM-3mhXq7FBue0H6PCjoD3uWNwwDvrV9UE5Uew9H6_pQGeExQ3hC9f64wBB4hsqSOB67iLeDTDI4-Z1XWnT6q1iVg8HjV34_qvJu2WSJ7vsjGc-e-1EdNEu1mAiONaXo98lFPEQIG2ZnsZqtlEHeDADMAzdlFbSOO4hkE_pz94yMVpqZdfD4_tLkftknE7dKVNnfxwER9dNT7Kt1zMDwSCdUfpdcyb_--8LJAW3KhiNhBmC6g_6mBaUy_r7TxOBN1sIcR-HgHBvaMZ-fABSLUQmOtnXd1ddZQkURTM11qki6F8SAZIL_RjHbWdKTIm8asGpF8wVUEludDmecgSJFWFnJt0Xldf2931oUTiGZlKWSQmNi0XOF3BM0dwCRY3DEAtaneCjmX0_ASvTOaIHfBqfKQi_JMFnmuXReW7UP9zfxfEGSZpcKn188GqTGqsx32MU1H1LVMnkJDDlHIXqox9ahm5kMvCD0M-P6TWEnATOZefSwl9yPT006WUJnqbOyDSv4KSvh-2j4vMFdh_v4ev9kNRi_ca88QqLM_sFUprdIeaegNUjd1PkA_fj1F2P6xycifO1guOWuxwIM-E-esz3bYt3wCGxjlzZVbBIATcwmxR62i9hfV2DZM0oDnlRrIVS9vhdDoU2O0VHWInkon08N33eQGbdL4qNBt7jY9H-HQppVWTFSp6EJ97ujZwUWskTkDashrKOVnTynXW67FvT0S2ehxp_-jra9M6BXgohL0rd_EzVJtkmjEiOoGOP9_4r9FSwBWnzhAxV_o-9uq8LYGDQTrIUxtUgMTeaAo9XwlojG_cRopEHewi5h7KswxRFH2gmzGAuBP07UV84RJvklJopPjeSh0ekJWadzrkYE9S7w_wwXUnOj5QJDbx4yD86kY3njn3ZOhKCtBCLVqnwO9GimfhZVoUra4SntqIWJa6f9TVqdP7gHsGbPZYa7aLtAjUqQ8Z_kN2Z-jgnc5FcM64BKkh8VlpO_H-heJpi8Ql8YPLxNtAsubQinSCI8x0m4zonxvbtFktaXbJcphWjiWJol4x8jvKq_f8mbv5lhRIE4G_AMQnZbVtVB1fmmeCfQJ3RABu7nTvLkeZAyfxrVt_IR2_EIyDcDM4Ic85rsqTo7b26AAgnCz41EjuwzS&cid=CAASEuRo5nVLOlW49htetmvJ-UQY4w&rfl=1%2Chttps%253A%252F%252Fans-wer.com%252F%240
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d909426f85c1f06ec5eb4e115e1a012e7090f57b004109173d7bedeb0845728
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28006
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 53C6 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D31EFoSFtcX3PQq0KGm6QrJQTR4OAjYJOk4IFj-2Aa1V6hKGgtIMOQAnk4Y_k3dvsxUgxGlDqY4BSs6JmmbG0y97r_1O1JcyHEJPI1vPn20xkfDks
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 53C6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
552
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1337
x-xss-protection
0
server
cafe
etag
17605089983984592854
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:27:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 53C6 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Nov 2021 14:36:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 53C6 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6461
x-xss-protection
0
server
cafe
etag
1157727964977547826
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:34:01 GMT
pixel
protected-by.clarium.io/ Frame 53C6 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzIweDUw&v=5&s=v31fk54eut2&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxNzE2NTc1MDY5L0dTODZGTS9HUzg2Rk0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTMzMGU5NDcxLTVlMWItNDY1MC04MjVjLTIzNGE2ZWRjMmMwOC41In19&sb=undefined&cb=5724718&h=ans-wer.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekl3ZURVdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiIzMjAiLCJoIjoiNTAifSwid3IiOjJ9
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.133.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-133-197.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 612D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 00:41:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50120
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 10 Nov 2022 00:41:17 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FA06 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 00:41:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50120
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 10 Nov 2022 00:41:17 GMT
container.html
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BB0F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 10 Nov 2021 14:36:35 GMT
expires
Thu, 10 Nov 2022 14:36:35 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mmt.gif
imps.monu.delivery/ 		37 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=a.e&u=mmt-111165fb-6e5c-4d9b-b6db-c20fe655e05e&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22hard%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.15%22%2C%22refreshCount%22%3A0%2C%22hb_bidder%22%3A%22%22%2C%22monu_df%22%3A%22%22%2C%22ipin%22%3A%22GS86FM-DDR.A%22%2C%22isBackfill%22%3Atrue%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A28192296%2C%22sourceAgnosticLineItemId%22%3A4761666171%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2Farazou-baker-cinderella-role-and-instagram%22%2C%22referer%22%3A%22%22%7D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1682
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
rum
dsum-sec.casalemedia.com/ Frame ED28
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhij186fATAB&v=APEucNVoXmkK2uc25iikQUVWjTkq-v1GoQ21VI32B9rliqfh8YF07E6uCEbwPnFF1VFcrRhLXfKl25NmPeJeuZhknhqB1SttNyYPZxX5WIygBJslo6WxCnW6XGtIpteXvKGOY3CtqjnXaV1iDXp6txQfOq3ULd5AQkj_QT3dUSf45qdeKzrgiSM
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:37 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame ED28
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYvY8QGE8OpYyuYAqwdzdQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhij186fATAB&v=APEucNVoXmkK2uc25iikQUVWjTkq-v1GoQ21VI32B9rliqfh8YF07E6uCEbwPnFF1VFcrRhLXfKl25NmPeJeuZhknhqB1SttNyYPZxX5WIygBJslo6WxCnW6XGtIpteXvKGOY3CtqjnXaV1iDXp6txQfOq3ULd5AQkj_QT3dUSf45qdeKzrgiSM
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:37 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame ED28
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIkZPaaSRy3EwZ9cQqtgrPo&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIkZPaaSRy3EwZ9cQqtgrPo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhij186fATAB&v=APEucNVoXmkK2uc25iikQUVWjTkq-v1GoQ21VI32B9rliqfh8YF07E6uCEbwPnFF1VFcrRhLXfKl25NmPeJeuZhknhqB1SttNyYPZxX5WIygBJslo6WxCnW6XGtIpteXvKGOY3CtqjnXaV1iDXp6txQfOq3ULd5AQkj_QT3dUSf45qdeKzrgiSM
Protocol
HTTP/1.1
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
fee754ac-2060-4306-b0f4-03a69a573dee
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIkZPaaSRy3EwZ9cQqtgrPo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ED28
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3NzI3NjU3MjMyOTM1NDc1NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3NzI3NjU3MjMyOTM1NDc1NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhij186fATAB&v=APEucNVoXmkK2uc25iikQUVWjTkq-v1GoQ21VI32B9rliqfh8YF07E6uCEbwPnFF1VFcrRhLXfKl25NmPeJeuZhknhqB1SttNyYPZxX5WIygBJslo6WxCnW6XGtIpteXvKGOY3CtqjnXaV1iDXp6txQfOq3ULd5AQkj_QT3dUSf45qdeKzrgiSM
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1e49004d-a5eb-46a0-a005-6677a81c3157
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3NzI3NjU3MjMyOTM1NDc1NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0B4F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 00:41:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50120
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 10 Nov 2022 00:41:17 GMT
rum
dsum-sec.casalemedia.com/ Frame D824
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNVD70Zowrz_Uj5QumQlTvp1JMYTfmDiIRsgUG0zPTdaueASyuKP7qi7emAdu7GufF8UfFslY3mp5fqdXZ4GReh9jPTD2FQT_tUCgKcogwEbhO-cU35Ppft7DJqpe7sVd2oOZi6PizUjZwW67YoBE3wo8S1pf6wHlHoOV6h3-uoAh1hNBIA
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:37 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D824
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYvY8QGE8OpYyuYAqwdzdQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNVD70Zowrz_Uj5QumQlTvp1JMYTfmDiIRsgUG0zPTdaueASyuKP7qi7emAdu7GufF8UfFslY3mp5fqdXZ4GReh9jPTD2FQT_tUCgKcogwEbhO-cU35Ppft7DJqpe7sVd2oOZi6PizUjZwW67YoBE3wo8S1pf6wHlHoOV6h3-uoAh1hNBIA
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:37 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D824
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIkZPaaSRy3EwZ9cQqtgrPo&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIkZPaaSRy3EwZ9cQqtgrPo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNVD70Zowrz_Uj5QumQlTvp1JMYTfmDiIRsgUG0zPTdaueASyuKP7qi7emAdu7GufF8UfFslY3mp5fqdXZ4GReh9jPTD2FQT_tUCgKcogwEbhO-cU35Ppft7DJqpe7sVd2oOZi6PizUjZwW67YoBE3wo8S1pf6wHlHoOV6h3-uoAh1hNBIA
Protocol
HTTP/1.1
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
96cfa5ca-b455-41a5-ac68-a19c7bb1c2c6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIkZPaaSRy3EwZ9cQqtgrPo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D824
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3NzI3NjU3MjMyOTM1NDc1NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3NzI3NjU3MjMyOTM1NDc1NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNVD70Zowrz_Uj5QumQlTvp1JMYTfmDiIRsgUG0zPTdaueASyuKP7qi7emAdu7GufF8UfFslY3mp5fqdXZ4GReh9jPTD2FQT_tUCgKcogwEbhO-cU35Ppft7DJqpe7sVd2oOZi6PizUjZwW67YoBE3wo8S1pf6wHlHoOV6h3-uoAh1hNBIA
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b100d43c-470b-4b1c-b5ee-b49b8c5249c1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3NzI3NjU3MjMyOTM1NDc1NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C263 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 10 Nov 2021 14:36:35 GMT
expires
Thu, 10 Nov 2022 14:36:35 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=a.e&u=mmt-a386f327-150c-4f03-aad8-abba9fad828e&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22hard%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.17%22%2C%22refreshCount%22%3A0%2C%22hb_bidder%22%3A%22%22%2C%22monu_df%22%3A%22%22%2C%22ipin%22%3A%22GS86FM-DDA.C%22%2C%22isBackfill%22%3Atrue%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A28192296%2C%22sourceAgnosticLineItemId%22%3A4761663483%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2Farazou-baker-cinderella-role-and-instagram%22%2C%22referer%22%3A%22%22%7D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1682
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
rum
dsum-sec.casalemedia.com/ Frame DF6B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNWZuZ_6TghtnE04y8krUMf8FNR0ltZjZBCFwNG5w1MkhffqNaLb9xmmQM9Msg7m5yXugbKrLq9SAJFCm-N6DTxwALm9cPdMv3YwXyKPyh88892YzuHutdKQYu6dYcMs06QjaqfQtXE8t-Ov0LeKbV-02LzoPF7KalJSZJ7__t0B2r6jPGY
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:37 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DF6B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYvY8QGE8OpYyuYAqwdzdQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNWZuZ_6TghtnE04y8krUMf8FNR0ltZjZBCFwNG5w1MkhffqNaLb9xmmQM9Msg7m5yXugbKrLq9SAJFCm-N6DTxwALm9cPdMv3YwXyKPyh88892YzuHutdKQYu6dYcMs06QjaqfQtXE8t-Ov0LeKbV-02LzoPF7KalJSZJ7__t0B2r6jPGY
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:37 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame DF6B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIkZPaaSRy3EwZ9cQqtgrPo&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIkZPaaSRy3EwZ9cQqtgrPo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNWZuZ_6TghtnE04y8krUMf8FNR0ltZjZBCFwNG5w1MkhffqNaLb9xmmQM9Msg7m5yXugbKrLq9SAJFCm-N6DTxwALm9cPdMv3YwXyKPyh88892YzuHutdKQYu6dYcMs06QjaqfQtXE8t-Ov0LeKbV-02LzoPF7KalJSZJ7__t0B2r6jPGY
Protocol
HTTP/1.1
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6f08c54a-0e10-4d45-b58c-0ea9b9fb7244
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIkZPaaSRy3EwZ9cQqtgrPo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DF6B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3NzI3NjU3MjMyOTM1NDc1NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3NzI3NjU3MjMyOTM1NDc1NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNWZuZ_6TghtnE04y8krUMf8FNR0ltZjZBCFwNG5w1MkhffqNaLb9xmmQM9Msg7m5yXugbKrLq9SAJFCm-N6DTxwALm9cPdMv3YwXyKPyh88892YzuHutdKQYu6dYcMs06QjaqfQtXE8t-Ov0LeKbV-02LzoPF7KalJSZJ7__t0B2r6jPGY
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2f04f122-3a9b-48f3-bfba-3afa7bf46558
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3NzI3NjU3MjMyOTM1NDc1NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3551
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNVXcL192KDzdpp0JNAnv3q4DOvM5gDrc2rMbWK81g5y8XfFdueRK01o0m-T8VNkWb76M65tsMbHJGkw7D0M9xc19fXUlefkXj2JZXJg-0-qANjnGr7_OuXxAuyBajrWVolVAUp-0pBcLm_bFXcqyIZq43eXZM_TJYSb-JMLww0C7CxRJLA
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:37 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3551
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYvY8QGE8OpYyuYAqwdzdQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNVXcL192KDzdpp0JNAnv3q4DOvM5gDrc2rMbWK81g5y8XfFdueRK01o0m-T8VNkWb76M65tsMbHJGkw7D0M9xc19fXUlefkXj2JZXJg-0-qANjnGr7_OuXxAuyBajrWVolVAUp-0pBcLm_bFXcqyIZq43eXZM_TJYSb-JMLww0C7CxRJLA
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:37 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 3551
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIkZPaaSRy3EwZ9cQqtgrPo&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIkZPaaSRy3EwZ9cQqtgrPo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNVXcL192KDzdpp0JNAnv3q4DOvM5gDrc2rMbWK81g5y8XfFdueRK01o0m-T8VNkWb76M65tsMbHJGkw7D0M9xc19fXUlefkXj2JZXJg-0-qANjnGr7_OuXxAuyBajrWVolVAUp-0pBcLm_bFXcqyIZq43eXZM_TJYSb-JMLww0C7CxRJLA
Protocol
HTTP/1.1
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b37b02f6-7e5d-439c-bbad-5be073d616f7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIkZPaaSRy3EwZ9cQqtgrPo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3551
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3NzI3NjU3MjMyOTM1NDc1NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3NzI3NjU3MjMyOTM1NDc1NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNVXcL192KDzdpp0JNAnv3q4DOvM5gDrc2rMbWK81g5y8XfFdueRK01o0m-T8VNkWb76M65tsMbHJGkw7D0M9xc19fXUlefkXj2JZXJg-0-qANjnGr7_OuXxAuyBajrWVolVAUp-0pBcLm_bFXcqyIZq43eXZM_TJYSb-JMLww0C7CxRJLA
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5f22bf28-0e54-474c-b438-6d99c7ef80e2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3NzI3NjU3MjMyOTM1NDc1NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0B7E 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv2JXNv9s70HVLoEcJIWRIMksTMltb4shajoSrZHr1deENxqUEPR3SOYVrY2qi5B-neeM7OxmyMjYJ_HfoENPmVtyUQMvag30uQmF9jgy9qzcMXIxr7I6i4OVkJiCznwQEAwzzi8hwmPHksPmNQmeEdznQ1EAQVbjCUaDEkq05CzhZWSix515csbt90KY1o2s8zYmmLW2UEGbXbvFqGzDHL1QP5LSSZVha-wD3T4nFaUn1rY8ltZs1baGHSLpMOzF71vl9X_cfbSZSOEBvzjhmF7K3V2fIyqAWicVL1oZ86lEqUUpRz5sLdwdHVfEeTYkWwo86J4YuRYxeCD1rp16Q5OdySuLG9bZ7v3FUuzCe_2LD4J7eRSjkytXKYDv4eV4xe_AzBIbUDmXA6Wyo7os585IfwP4uPtIOCZlQPikQv-MczqBGkwy0wtQ5dSncFHCoHowJN-qAotc9MYBsmjgy3Wi4SU4E2uzRbUROvVYtOrYR0JouogaZBLLcNU77B9034vlkxnsd1aEgzlIzigPnHPOok0RCHLxrVGIaL1YnwRV1vKGT_ddmX9-9mTYJC79MrhhWpXxk8i0dQYWAbP1u285rtwE39kLtlRZNIwMkIyLvxDL5p_i_O6Dgf-ZfJE8h6YEA9EiDjiKHq8fhPNJHGpynLU6wuTo6yUgrDUURYVpi4G9UxTv0TFaL9WvZNP8BOj4sgeDGveMqu0MZAgAKcyQFl9Ssy9jJD3OPIevEpgLuSKgLZN80GcpAmhwjz2zIKI10Ta7dTmkguSkLRukkz_8cQ4SVv3Tzk9tDJQxwfM0X6c9hb0DQfdcqg2LvdMw35ODioWulS4FQC9Cs4XBohj2-7qyUUARAiKdUAL-UBzC10h2t2qTuhsdJbkVGC4VvIAGTlYnNRa_hbREqB71RSGke9qfCo3kYkbr5dkzn4LveV9ujnhWaIl8qRwYl_UV18u-EV4D7q_VO-6Kz78AxBAt81OUkmP00nEfeTxSlqN8xImpPqRlKZy7pq_L2-yVQjlrCo6YLLPdVuA0cySH-0pDVykjrCdv5L7woy2dFruBU81Kt-_9sLocnZZiGyyVS1w2cBLLOFE9wbwDE-iqAqYonPW6jDETL6b_XPrI_iWrC1tuUWk2Fc2Tifp6NaQK7ZS2vqXAzKI27tLxr521GeoNTV6BjLgtmuls0w1TzUDbwWnMDXkMd5I207dG3kAXMW8Yxk8fX8xX1438m3ueC2GZvFAQ&sai=AMfl-YTi3ddwMCeyS7cfBH_PF9z3iAXkCSsSA9b8GbVLR3L7OOyFzIrDCgF5N_40PjuiPF0aKOrwsBYnbwur_2ZW2WHsFtEb5Eihkev7ggjMp5v7HlWjL9BNuFXrgQZLYpgVuLl49ScHJqC9SDvu1yK28bPL3CSNbA&sig=Cg0ArKJSzHWA-7pcoVASEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=234&vt=11&dtpt=233&dett=2&cstd=0&cisv=r20211108.44925&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-De5g_B8gHEDR7f1tveQphGs2bZkwFNY0iZZfQyt0q4jCuMxyoZZYNjtYoFRp8qKp-KrksVUPANjugvobC8tvBCM7a125zasccrHwCOUXw9YYia2a1S-xYSlOmr6xF0bHS4lEPWJ2vf14VklzL0zZJVlikC5A&dbm_d=AKAmf-AVJaUy1kjAIwxMH1RSs5asaSksQKIr1Z2yFoIR_sawq4YN6kdcTMpJ1Slv5nHiT791oZZ49_BBMK4LMUEvsCbxkzAffJG7bszrX--pkHL7UDPNxChOxp6GxIMIc-4kQUuOLgJE_pNR-rNg6cXtc0ozzwb35Oagb-qhuOcbNv69RcQBzSwNHBJBsYLqwLgW--VTHbJHviokiQ2hAFwbiflwDq7v_MAKgujF8qlfdwpsyJH_7mNhvWTiStPX194CzP8wbc3FPD7FLoXhks9otv00bf1hwTlnNjAHPXnjMGfP7Hm29pNtC2Gt6kV0o5BasxT8u9XbQ7EKutcXxFz3xyh8yIH5CJK6siYSVS378DgHzHTL0WW2OTnYEncHaSNt36alZvO3BlyqtnFkVPwtEdiDl7l7PA4P1rmddY9ZI7mOIIZvaRK8WbeShVeI2d7QGsonKoM3cnazlSk4buholFcyArK-6O-89D1Z_fSkUjrlyAYK9Qcnpv88IRjs2RB10qk_pW1kYCdpYx3wwA5iJmmKhg6QEP0gUF3dl9tQRNyqEJatcSDfVOFwyrTg3fLdk4qUIggpGu59vHw1GRjJnpMIVI0Gwy3-OxlF4YQANQO7h10XeOh0wESM1mpZpxCpvg4br1evvcw7w_wK7kye9qcNIelOXV_7Phf0RQxs7d7z1vrVvJejflyR3HvZ8lvS9sMipw3dhjLyloxvAyt8-T1pS4hfvxnfubJqe1VmU9c_SPo5aDTv0XyS2VR5s5Qra8Knghi6UhRB2wm4pNJkz8-sglhHZqrN_z-mPwyREk3K6j5XVBVYbJlrPFCfTbO9Ia3XS5acVqgLt-DTXmRwhwer1YGRsSV_ht26E4NtvRPJtpOI2N6QU1f0EAU9sZOjxnQGEovFSii1_zdGJovOvT9vAIjSJXjcBuMmqPbyB3bMPxcFxw_DyGKgVpohFB5gaDFE92yRHrMQWUut0IjFK1eRQr6sGUaBHz6I0kgdPXgHpGeMKFRWd-95z_cgNk8F0CFKb672UV02SufgtAd6eEAMrETBRXz_W9YK0n24wQFfEbCtqEOwztJxudfUXUhXTAa3QD17dXSp1gRPw9XV9uIE8CE90PG8QMkCEoUGZOcS_B-IGCSnXEa0mIZntdLLwl7v396VgkyQapNPE3BY8RNUe1nbbyHnbxDsfQP8Ol_wZE6aFyynZmG0BgB-0Kt2TRQcRUr1CVnQ3DqNEu8c2d7tP6BFBMrIwLcV4AgHdHU8Bz0wyVozjvSvu8siePLOBAmbyI8KFxCWEBA5hG3JT7oN4iVbkyIn3vTIuJQCnfRMClLkHEyG4r_casM7xn0l6yf-5R4UuQEKW07VgQyBEzXf10_X80PEYkmJ5GR2jXfkJlFPMa_-Y80232D8PlGNijgydYCmDIQP9eXC-N789XBPc7kE88zKJPeGddXNbKVjlHkIUZc58n4smvuCwkO2S5w6ixtqgw6aWUieVvDbhh2xyOrwARYJz6m3Y6xIAbAczvXxXH8EIbK4PXsnnVm9f8ol8vj5EQ6_BqXM76ceyzjcgpTzzjgCvTkd6VGL0AftQ6PVu14txh6cAgkFVZU7IMoFn5rTooxWy_gcGReEGv3_7GjOjYLWRo2q3w7egq-HNLPihU8OMBOpqfyAL92JWSZrJVH7XOy2g7__WPBgeFET8LQ6-sof3VpyyOGtiZB14tAjtmWn6TLmRuvb8PWLj-zwwgOW-G7RVHNM4BzU-kwvexkOflcgJbroxvSYaPJ1hXatdHLu2F2rTbEBc8Th9rp0cEUnhb7ieo94grzaXUVm3b_isP6tjFYp65Y6Sj3x7wXIHEI0oN-GAiJ0qyaPWq0x_tU2TLadI60tuk2VIxPCWXEp4kFJA_-OofzG5vejqrw7YEfmgqcy7rgwES5aljwZSVOvMIw5651btLgsphQMvASX8JNhTlpDGZN43lnHcRX1ye5DfCMpYWfNh7VEboPzhEYs0N8Cs_Vp-vC2MycCAf0qR_9XeCsicqYxgJqX-PZuDCHiZqZrwRZOZp3TNDYfKhOLF1zdVS6T-Cs7Dujt-z1o2A_PyvZAprDYEp1T98W8jkeIaQ3_BYbpYk-ovYfPjU33v6MMacZOY3D9Uao8ZcuHWaMCOl_p_68s4TJfI8qYh0So-jWJHku9BQeU1KxD9VCjWM6w45SnCWiI3HFljuF-H_cbXLTnBcEgIhP82pITa-MY5YPeqLv6b-BNwmPAQ6UrHNbKRVrUOk9SW6JsEO2iVcizqGWi8QMLX_dtSMtMPQxnWMar7kv5rxzspiHNwSIUKozqXNS9R4soMCVuottBYDcMp0s7Tc7D8i3gANCCQYF7Jx1qzqeTCJ7dbgRgJWorONZsJB14mQ4Hrj4kztoS8Vr-UnjNdByhD0vFt_fB4pkc9dJgQpSz4j4EInolJGSG4diZ5V2dzltovioIeChlfVP55slkWwb6fhQfPUB7x8n19lHpUBpx36PRBMzsQD-jGXm7TfgtfZKoJCYIbK20Dnb14GLnj1ElFQXYpcQznM9J5Bwhx0UzO7Okwx0NS6DIgccrdjHaIecRdNqK7ir-V0Ou60x7XCuUlxVppXpteP3tuNbrAJk-4t59jbrIV9Z3wjNJYwMfKS55rG3yK1Tih5iM4xLI1BvkwKBuxse6M6-IzlkzX8-1fT6kUpMZ6bXO4J1Q9TVD9opKdrZ-kCFdAKIdz8dOj8Rdp3o6LFhAsdZn942wQEokOY6wLt2zApKR6Qox7ltOAqqK9irlKEVVbpKAL12ESTxuVPClTt6-K37I6c5gXrGys_-ZyMS_zgJ-4NUgWwkpbYLePmrkSlrTlUbrfgzMDQSE_9lyn8dpwCd6biUYebNHYjvHXxPbiKsSyUQQDony9xEQOfQkVaXZztpeg9q4Cf7XwGvVdEM7CayQ8aObzRjEgUxAw89YqTzscKz82eIEYTvhDXvSPlOh-2nLsxK3XWDA6qee7yADZoqR4Ua-NydUIE81w5a-O9i3&cid=CAASEuRoh-XempNKW1zbqo-WmtbuBg&rfl=1%2Chttps%253A%252F%252Fans-wer.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dvbs_src_internal99.js
cdn.doubleverify.com/ Frame 612D 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:37 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:43 GMT
Server
Microsoft-IIS/10.0
ETag
"802192821a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19248
dvbs_src_internal99.js
cdn.doubleverify.com/ Frame FA06 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:37 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:43 GMT
Server
Microsoft-IIS/10.0
ETag
"802192821a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19248
03102021-062010739-de-banner-BEV-MY22-2-320x50.jpg
s0.2mdn.net/9951322/ Frame 53C6 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9951322/03102021-062010739-de-banner-BEV-MY22-2-320x50.jpg
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
175755704c657fb6886bf7cf9e86e31b827c2bc2e71a1730fbb492f1f4868cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 11:17:00 GMT
x-content-type-options
nosniff
age
11977
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16283
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:20:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Nov 2021 11:17:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame 53C6 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b0a1683702d854c16cffb91d10f500cf10018eacf0c2b4c939293dea961e1f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
388
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9506
x-xss-protection
0
server
cafe
etag
11173536317444432557
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:30:09 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/ Frame 53C6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/omrhp.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:32:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:32:41 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 53C6 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuuQBXekHN5_HcWsXhdM_YbLzx_oM1b8o8YvSNSx2lzYTYtArCFRluhP6VdiBaR9W2FxRXKJgu3jd8WhlWAiS3grrqbLbhHGECqI2jbz-Fs78de3w6cAMMPCmjK8ijyPeTLf3m0HATFOZL52JQEWIOcu0nCN0VJLSER6yDF6mZOGCJXJPOCaI6K36X7Weh2TvwRCsCZSLt6repJlw3s-Ll7s44NiBiaf47ZCxUve7SV4nVvxsOooQBcyS_XRDWRZ2l_egIbST5kcGE_2_fmS7_UzydtdMAZncaWnsZRzf4Sfm74el_kGUI8TERmVnuJILx1UeUoV51wtb7L4WAVYst18jc3AbtXMp8WD5OCgPMdTlzh2tC6Cr4EEeJpdctfAyihwUB66IPrXB_9gt0f2VYVyr1ZBanvVpAFHeb2dfXFL6Omhuorz9uwpXevSTLG2HAUI-WjtevsmshLTLvFFK6T3f7tkqxcSDMOCDqWu1ZG2rRtAEu5b6ZGb0b-6-vu5lOXE5WPp3wdyEkMCpALAthT7TrqRDHuxA2MuJ0pc-xvN8XuUc-efeXSix_PsImoapSaaByNz2xEMDhVEQsRLnCFrb8K56jNMlMuiqMdtKC_JcwsQWQ1JF_guwhu6LxOO55UkhPHb8hqqaRB-EdvIWY4bJRY9oGep4EmRclANjVAYZJbutF2SIXIFsKglXybQzI1QY8CkbSwArYd30_MtDFJ5P48nDEK3IEskQqVhzgm6cUdjAtIvXciZNXHQB0xoJ2fHeP9a_AvXAT89GSpz6NyeYDzae3erwNRIfByD5aIqz_qXn4u72eYipw5T8H-2PV-soUodttPRTkSJcHyQn3_1_rfJ8RWGWuogaYCln1erJ9ASpvpG0f16R9tHRQcHzCOQLqCOgNK__YMP6v1Cibsg0nZzIpXZAqUoyjmlzLX2rJMB0SU3oI2-L0LlvbvCUhEbbODlaQaJDUbHZZY6uVkdROvxNEQUW6ZiF2c3wOeH_-QI-R6H3egaz-3pIBpr9O0JJpkb-P0Nghmf-ksnOykNgwsXIsxLMVqc257UspAvlDgRTpkiAG73kRiNeFnoe9fIhce1kFrMTSGmXxBwUUGx9nfPer5IURVATvxOeYBTdIMotbl3bfud1st1GLw7hPZ7V2Jtk5mi_n7zJBR67G70IpkEMmJjnI1QbziXP4oFaoQHaRLhOfuQ83EgyJSk3fJ-RYaGarc2p0zfwbH2_E6t9hd&sai=AMfl-YTdaEmVFJmrbUDLv8EK018S5r6tVgjfhZRPcM-nG0vSLlCIK7ZcaK_e8dmcNqF47Xs7khhHu_XKTelWvKWmmgEHKyI6kb0YFV4r_IlcjtDE39yYGqZPent6VXCjdwSbIYUmnmpc3GJ3Zaav4ftJB4qJueeQHw&sig=Cg0ArKJSzMCexAmzy-y3EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211108.54114&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKGz6gqyzDA-4wV0ixGumEtUIVMJM1zsBosre4B0kOroUMhTvYR6Rf9R9tflSZi-cIbIsvLu_MXFEobcMhxxj72daxjJF9FcjmUaWZWL8ld2JE9V4zVWQ0iqwbWeRZKGZc47J2bCCfYosC96zYd5Qy30waoA&dbm_d=AKAmf-BYKifScTRinWecZwgeTtJVgv3lffUUBq7JX-9vgPcHaUzSwaC5A74fPUIwZVjC9fbldGZfiVDiQ4o9nDWD1p7tEEQdl647KN6Dnc6KyMz5u1CZATnBb7X1ed3JDzNOTLa8wokSrapuzwo0KnKjgT8a4ls6K_d4_BDfIJfB7A4R2ogkqSwYdW3gRFLyfmJjMVEJdeY-Huadyxb1spAdsJmg-OxRVxGkSesLaTd_CDKwICNldMCCqXB2OYLBh4QCs6ZZJuDyR6ZLidzPfpin70RDFuHkMyHax1GQsCo4U4cYdGzC-uaP-9XndVcLUXVXIPJDqKjr0B1oY3mx9kIKWmlzihBZxpfThGDb000ZILk1i1DjcgWm1uF6kYNZpgtVM1pieWkjghlqn2jwiiorQnUed_olC17sfsjvTNybL_GGDKDkwbI8R0tLnopBvUoJmx8eKgQR8pQ9CSMahJ_3JBdjTRdbM6JqvKQdX5MZfJWU-EHrMKMfjxaGMtGpouV4EdqclAeDyvZx5OC_1Hr9HOO8TOSgnB5F_hQEf_8NBTgOkSIxOR4I5Uqa2-jfL2GV-69AKY3qdZ4aZO0AvKa1Bn9TwvHKFYt4JdBR23UojmUyDyiqIY9nYwhp9WP7RQLna8XsDJzXu2WOSj_pE6LUyXX5T2I7tFr15Rz1qCoT8POkK7HscVQhwf1Ohuzr6ju8B-A1PnXu3TnfMR2A9UGUfBKW3qXHl91e-aF-AoN4juqyaTEzzUyahmcXAmQYd_nv3qwyNUCqjzXt-y22XIh16xy1HpiigzTmEEkf7YSylF527rQDqZVrdBlpKialRgoUpu4Vhn-gqcyBLc4ShC0AEbivXUjunfPhflEKh5FlK1Tn37oeD53DXaUfdfthQ-2Nhhpp7ITwN_TPzMvUzPusROE8q_l1QzFpiFN_Yq2RwR0bKvv98Akrjjg5VT8sQfsyzdu5OxjT73PG4GL-xFdMhnO0yIeL8EficKuvVDIbOguwJ7WJzNnyIR3HcZiSXCjFfJw9A80vhXMLK522jv9x8W3WYFKc22nJCDqOTq7-0nOSg4988P70yDjF7aKbFjqoTg4WTAFJi0rAGemAI7eBrc6RrPAKBvtFNnWQeBtraHjsFfyJn3b-nO7DPd-rG5W_D9GSUtHo8gLfdOYWnmGd-pSmsJZQK5pjKnvyhr2Ekml8IqlhDDxR8ikONskm1gW3LUTZOpcqIG08USFz9jolBy1mqWM-EO2FojgpENxfcAyWR5zjzi75iSNpUxLRp05vnCl2Yp3XLQ9g_kHNAnEKgvgrDSu62Htp-NS99U1my7CCcUMHzD825-LLuAJQyTuiGYeSbuMYymHxBO_Jf0riC5XMnyulAStEJNfcAXT9f8XbbtGbliH3COugxwb5JQxbxQ7xHRE99dc8iYBtd6i3m1ivOP3t6_j5T4iiZDuR0mYlNrjDPQ99EqUj9curTi4ih0aJvraDtbzSvAhKmjNghaH8OZ4pXBMtX53UNGKWq-4DTIo4o2uRs_ZzDcFhhoaxCzKIiiC3_j4S89nNhuitkm54nxo_eXQTM8-yz9iJIWCP1AryQBchmLydgNiVA9twAwEip2M5b8-VFZFNwDSBtGcaboMxJJzPj2U9ot_a_VL-ZFn8FZHlH_2RqE1J2RkEuM9DluyyMBGSPOv-1Y1HgC3vfgp7_-y60eRG6wTjd9IqUKkxJcH6fI_PlijPgjfyiorvWSFDiCTNR3K39eEQ-8nZLieNhTePQMTqcnluVCIccnHelZ_AaLePKC8-LlSgxYYwT6LA5GrRg5MUwLAEFn7lrgXENVoB5NY1ti5QegE2XlehbHIO3kg2LYsM0836TQbvfqgnM-3mhXq7FBue0H6PCjoD3uWNwwDvrV9UE5Uew9H6_pQGeExQ3hC9f64wBB4hsqSOB67iLeDTDI4-Z1XWnT6q1iVg8HjV34_qvJu2WSJ7vsjGc-e-1EdNEu1mAiONaXo98lFPEQIG2ZnsZqtlEHeDADMAzdlFbSOO4hkE_pz94yMVpqZdfD4_tLkftknE7dKVNnfxwER9dNT7Kt1zMDwSCdUfpdcyb_--8LJAW3KhiNhBmC6g_6mBaUy_r7TxOBN1sIcR-HgHBvaMZ-fABSLUQmOtnXd1ddZQkURTM11qki6F8SAZIL_RjHbWdKTIm8asGpF8wVUEludDmecgSJFWFnJt0Xldf2931oUTiGZlKWSQmNi0XOF3BM0dwCRY3DEAtaneCjmX0_ASvTOaIHfBqfKQi_JMFnmuXReW7UP9zfxfEGSZpcKn188GqTGqsx32MU1H1LVMnkJDDlHIXqox9ahm5kMvCD0M-P6TWEnATOZefSwl9yPT006WUJnqbOyDSv4KSvh-2j4vMFdh_v4ev9kNRi_ca88QqLM_sFUprdIeaegNUjd1PkA_fj1F2P6xycifO1guOWuxwIM-E-esz3bYt3wCGxjlzZVbBIATcwmxR62i9hfV2DZM0oDnlRrIVS9vhdDoU2O0VHWInkon08N33eQGbdL4qNBt7jY9H-HQppVWTFSp6EJ97ujZwUWskTkDashrKOVnTynXW67FvT0S2ehxp_-jra9M6BXgohL0rd_EzVJtkmjEiOoGOP9_4r9FSwBWnzhAxV_o-9uq8LYGDQTrIUxtUgMTeaAo9XwlojG_cRopEHewi5h7KswxRFH2gmzGAuBP07UV84RJvklJopPjeSh0ekJWadzrkYE9S7w_wwXUnOj5QJDbx4yD86kY3njn3ZOhKCtBCLVqnwO9GimfhZVoUra4SntqIWJa6f9TVqdP7gHsGbPZYa7aLtAjUqQ8Z_kN2Z-jgnc5FcM64BKkh8VlpO_H-heJpi8Ql8YPLxNtAsubQinSCI8x0m4zonxvbtFktaXbJcphWjiWJol4x8jvKq_f8mbv5lhRIE4G_AMQnZbVtVB1fmmeCfQJ3RABu7nTvLkeZAyfxrVt_IR2_EIyDcDM4Ic85rsqTo7b26AAgnCz41EjuwzS&cid=CAASEuRo5nVLOlW49htetmvJ-UQY4w&rfl=1%2Chttps%253A%252F%252Fans-wer.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 10 Nov 2021 14:36:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 53C6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 00:41:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50120
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 10 Nov 2022 00:41:17 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 42F6 		640 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzp9QIQhKu2-wEYs7f-rwEwAQ&v=APEucNXWqdxBl9wcW5UEuEaEnm6jaKt6m_iFP5siqLFg4EK-nHvOjrYUs-ze-kZpgB85qsj1lxSwwsDmiNT1v8Uolt-TRVz_1O9036jvHaX3vqW776v9cOMex0fGgyXpDV4ROdA_EpO27VNzVtBWwmqsD1SnMcdb_JXWlwoaW1Apx8YsorxQuLs
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 10 Nov 2021 14:36:37 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 622E 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Origin
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:16:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1202
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Nov 2021 14:16:35 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/ Frame 622E 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1905
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:04:52 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame 622E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite_fy2019.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
275
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7878
x-xss-protection
0
server
cafe
etag
10809069374711699201
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:32:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 622E 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BBGQqd47LKHiZhMYs97nFU7tDfj3LEMLh8aCp6l5RlAHE82wcCasBut6LOQfUpgZ63AhjMXZFLbYQK5ozJ6Y06fIOf-4AIMQrjButbJaImtWKV_R0
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 622E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
552
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1337
x-xss-protection
0
server
cafe
etag
17605089983984592854
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:27:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 622E 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Nov 2021 14:36:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 622E 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6461
x-xss-protection
0
server
cafe
etag
1157727964977547826
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:34:01 GMT
l
www.google.com/ads/measurement/ Frame 622E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTtV-TvNVljcMBKmKcSQ8LPJOhGUV6tl3tnj7QP2V6y25f98wu3xBXgcRC31qXTUV3h3aWE2KihSdmpL62wn_3z6JDWZg
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
dvbs_src_internal99.js
cdn.doubleverify.com/ Frame 0B4F 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:37 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:43 GMT
Server
Microsoft-IIS/10.0
ETag
"802192821a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19248
pixel
googleads.g.doubleclick.net/xbbe/ Frame DA8C 		640 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNUtq33Xrry0igdh_FfHTbFJo1dtaY6LSmwogFwl7THiXBDREYl2OBSKMDX36vPj7xuPXdqVJiD_Ja4ObndXSdFIotRkTY2htMESo6YFBTr-W8mker25UzLaDBGZ83mdbZ0dB1WqncCM48IFzFK07DejUw20UT2MWGHBgsisFST2_7OexGE
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 10 Nov 2021 14:36:37 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame B81B 		13 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AZ9tS9zHMMeAvma-N3z5bhfrZ8Si8dWEeeGKTZs6k-QnkrxEYuEsJ5odmHif2_xiMRHiZ8oip8Gst0LD8l-c2klx2JDx-A6mfJkLoMd6KYFLthATpI4v7piHfInYN316fCX4NGn5WTk1NItr2n5zgz2h5epg&dbm_d=AKAmf-Adw8Ezkw1z1rbxImDPsu2B8xR4M1PYXlNl8cx003b__x6YzOg2HK4MmE-OkR5WbWCT1cvrJj-eciZruu3-el-Do2SvyhHJsDq-uTcZ5WLW6fajalvGnCvYAkwRn7sMMhmlEUVYd8vr3hdhZ4e9QT-5U8nFzlVIDTAq0IplYTnK2xebmJKOoCwANhmQYWGtFn8E_bt5-8vcGO3AjW63X5PlIEWx1uqIXCBMy_xwYDt1O7SMugrHB09-6ewDkFN4MKiT9gM1YwccqgsIhJZmnZiP7qCZXfVOIZO48N6z5ekbY1UfuH1W_2P5C5MK2VVvtkzT1PFyL0-qXymLDDWNwM-LvOJBs4XHnbmdHBNqPzo9C5SoP55csVwcyNyYNQvXC2C1YJKX5IZ3qqa-xIcsxiOMgripqhWpfHudkRAq6zjpgvPMMNkucVOxxWtY9ytKGP9BqPNHK5mVySEIATR94ZWqdYiGwq6WWt1z_atK1y8gjIMlaET1-e9iOnoq_pS7k1ZrG3o6G9yws28TREnHMLVto7dGwWw-X4Ros-jA7PgzvPofHYHLxkF0t34LxJK1xmNNe7smrdTlLLrIUbW8jWRa1kv0LBLdpOuO4RsnnC5QEe-PtYJfZyBZv8JvaeHDR_Ym9aLncPg7318LCrBFMFF9EKHrC8GoTY3kRBbGyeNE67cIk6l-fzuic_SR_n1zULuqvsFVgz-ABwjo9SmTathMmDm9x_W7E34rUrmFptV_Zjmn98olUyvf2pqQQLb0JDo-x9ff3tnjoDSQBdWUIfnpE2gg141EqDJFyI9sNYXKmvb1R8WCVMCRWyzbEIyRqczZH8DVZrQfQGU_zde9-CnJYiM40q1-VXINFLawSCYUAg6yoeZLBmyNFAqWRtYVgx-jdTUN20R2qqgzxiX9IeRoDu-qRMRbfJwcjUaDfN3VpNxsQP1vyt2aslmOSv-itH7ZHWOzWGW20xVGgbShttvAabXteFaNRYMokPiQy9-DZWFnN2sRCfwXig-NEOGN4di-tf7UXoHSGOMx8SuJKgmTDzgZv6fvzWNl3Md4kDzsHZDE7epNTusJa3mVPyg8xEvv64kXXyAaikqQSq6RPftkv3pdpbW-mz4IAmcXdOVRLf4sc9KOworxqFn3DIHntYpfkvgSkVarlqVT2t8lyzh2WQqFk6BjDvlvHtLTi1JL2hE8jlNcz4rwuxVAeGyJxmVjtB9w3qe2IugP8wDUlKwvOHJIq4n6wXvmC_3qZQZPKvLxz_HcX5UdLONSnIuSNBCbFAtAZoeRzxa-ptDEcVPKW2jRc3TqAlXESUf8zurKdIliVWvHvHfWxugWI12DZ5EoZ6VZtxxmGc_5zydw46IZ7-quavaDOgOV9GjVp2BLzuA5iHIH4_0kX1bXUGo1snWSeMfRSkYtfW0P1GJ7oL0Cjfoo45m_ybCXKiQdwZfNxFXpUgPZrcGebQvicxqi9i3nSQI-voPQjtV2934Ft4Kf2AAAHx79XIcwsty-LovXb3eWjot6kR1sbXT1HCHMgX7VVRtxXvnQk5NQjuO-iF5XLB4eThz9D118JN9I6eBMybADOnbvHYdk1yQ_Xh62f7PFZqKjbBdqKFKD3AbscspgPQM6l7IpTttld9Jgz-4R39rO2cdLsVYnEtZSjR2NUC3UeQ9O_zJ-wLUyPwGJ6E7ffkuUqlJlWMwmrkJ9eakw1Bo9VzdkfmtAxfV9B0fo5HIqB2x1VJB54ERcgYEhR2lFOlwQ4mpxXt1PQiTIBxaZQflvUXog3JBrg4bjh1284q8S1zUjd_mM-itAV15INQysRY5uSHS-dlhaPW8AA4EvnzYsdoLSTd2oUKg7gFSQXmdEMu8xrN0qPjgCkpWTen3eh5jpMXkNrSqSdWt9Zh9-JbwpMjdNxjUecT6kPUpjOnbrNhwySOHSx4pCzR5Cc_aSxaF0SPGrIdBrP5s5SfsK5f75WKr3QGHf8dRAJQC45p9TkCI2MtxKbWtpt0NwHaObmgF86AwmH6sk8FJmscyzVvA5-2rzDkYIts5X7u0uOKPWaCOaCy8UmswQWLGDvI8zLY_F1ing0afMAfE8KxVxm2G4wOnQzu0aRjyswO-hTCWocaqLPHPkxIVBcz1dPU2En6ZrIUE4kyTOcXz7xncwtm8corZHmCTAHGS8nMu0JIxRLL0mxCaWEjMW8pu0IC0sMwuz_Tna59AbUJCs3AdKLYE56OSnmIxxdQ5JUsi8kukuWj2-jZLEe8GSHFG0CVJZcD0SpyoP00iaw9m3JiuiCIMrfoPSY4TlBKCVJ8BiSgBdHT1SIWFQbFGlrfcYtWB1mz6jKm-Z3cDB9_hCbkP_DYhwzP6A9fyaOclTC8iw_ifeL9SNeZrXW_OgEOjiVJRNbD8cUyPx-AmLVa345KW_EwStpTN3HWHeFaWgOnWGVvuM54vfV8lRu-Im1H_Floa_H0H9SR0om9JeQtRHbUi_uZ5WKa7ICsPbQMvrnLD1qpod9v0BbolZP665w8t_uZLGdYq4ch21Qogiq-vGf2vhGBPrKtKD6vMJfa-bDVvegxHh6dzw-Kxg-Vm1zBdxv4s0h1K2ei-QuCBgAU6uWIbDbyG5nu2IhZV92ik3o5FopXPssHnW33ATl02kHB1QXf6jrRJE_9-fytCzas-boET_eNEKW2s4oCYxf_mEMhd9kf-tfAG-&cid=CAASEuRoP__WXqfKMYkUh3iw444lWQ&rfl=1%2Chttps%253A%252F%252Fans-wer.com%252F%240
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
343b1bca7cb85fefd105a64ddd92915722e7d0b24237844815eb8559cd23a225
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9545
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B81B 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BYmQB-AhqDP_zyEDkeiKqFlr81yDrcrGgpXLPzTiqFPl92D4aAFjb812Bfwg8R51YXSxJFlLSKIAd0Bcr0oJ9MebOO-bBKUcRYPMcuI94dgzmioF8
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame B81B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26194978&plc=309762282&sid=5775970&dvregion=0&unit=300x250
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:37 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:26 GMT
Server
Microsoft-IIS/10.0
ETag
"60d09d781a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame B81B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
552
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1337
x-xss-protection
0
server
cafe
etag
17605089983984592854
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:27:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B81B 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Nov 2021 14:36:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame B81B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6461
x-xss-protection
0
server
cafe
etag
1157727964977547826
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:34:01 GMT
l
www.google.com/ads/measurement/ Frame B81B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSWV8vUdsC81-H3tVq6P_jbece9ySWv9oxWdQB8cw7OXretM8f51YA6k7W1KIk8CjMky9U381j4Piz-K7AaKvVaPCJoug
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
pixel
protected-by.clarium.io/ Frame B81B 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzAweDI1MA==&v=5&s=v31fk54ev71&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxNzE2NTc1MDY5L0dTODZGTS9HUzg2Rk0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTMzMGU5NDcxLTVlMWItNDY1MC04MjVjLTIzNGE2ZWRjMmMwOC42In19&sb=undefined&cb=6978762&h=ans-wer.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.133.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-133-197.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F808
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhij186fATAB&v=APEucNWDpGG3mrUUDKCU9fsk-5YnUa0QDieguqYvP7H9P1b2mzkd9sdX4utwzlybJhuZNRQsDbXQElZbWF4GfmYtqJq8UBtI4h-83JEhkNl-zVs2qdk1CR7ONX5fD_boSks4QyqLEkwaKKSv3hCoI_pLDdH_D2MhqxAzxuITyg1am96S1xrI3ic
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:37 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F808
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYvY8QGE8OpYyuYAqwdzdQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhij186fATAB&v=APEucNWDpGG3mrUUDKCU9fsk-5YnUa0QDieguqYvP7H9P1b2mzkd9sdX4utwzlybJhuZNRQsDbXQElZbWF4GfmYtqJq8UBtI4h-83JEhkNl-zVs2qdk1CR7ONX5fD_boSks4QyqLEkwaKKSv3hCoI_pLDdH_D2MhqxAzxuITyg1am96S1xrI3ic
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:37 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMHq-SSg-nC8xCzo-nDXt44&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame F808
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIkZPaaSRy3EwZ9cQqtgrPo&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIkZPaaSRy3EwZ9cQqtgrPo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhij186fATAB&v=APEucNWDpGG3mrUUDKCU9fsk-5YnUa0QDieguqYvP7H9P1b2mzkd9sdX4utwzlybJhuZNRQsDbXQElZbWF4GfmYtqJq8UBtI4h-83JEhkNl-zVs2qdk1CR7ONX5fD_boSks4QyqLEkwaKKSv3hCoI_pLDdH_D2MhqxAzxuITyg1am96S1xrI3ic
Protocol
HTTP/1.1
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c0bacf75-ab1f-4540-950f-cd8f961e0299
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIkZPaaSRy3EwZ9cQqtgrPo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F808
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3NzI3NjU3MjMyOTM1NDc1NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3NzI3NjU3MjMyOTM1NDc1NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhij186fATAB&v=APEucNWDpGG3mrUUDKCU9fsk-5YnUa0QDieguqYvP7H9P1b2mzkd9sdX4utwzlybJhuZNRQsDbXQElZbWF4GfmYtqJq8UBtI4h-83JEhkNl-zVs2qdk1CR7ONX5fD_boSks4QyqLEkwaKKSv3hCoI_pLDdH_D2MhqxAzxuITyg1am96S1xrI3ic
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ee19897b-d364-4a44-a728-40b896a986c8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc3NzI3NjU3MjMyOTM1NDc1NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 27FE 		640 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGNCO9bABMAE&v=APEucNX0HydyfhFhSmTKMBoSqryG5f_d_gtrwnfADV06zhAhnIirZIH_TUfp_nyogctwsGPboHxdF5vGaPy5Ro_haFOMC3E84XbNjpD3MCZBIlomRR1D3Gk3_Nssr_7N3LQ3Wmdl1g42bWe1Qq3Y01hlXHrXDzHyah9-XiOWOMQxyZWz7OvYpgo
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 10 Nov 2021 14:36:37 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 428B 		13 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AhvoUptliF7G2hTU8i5vm3xQ6HYInbtIx7SKrRB3IK3Y7gFt0gMs-grnT5peZ5oL1dfKXzWc0EVjtzIYc3t_UU5yhMR5BM6dGl5w4w6tKJmgemJDjP2geiRT5yOQLry3VDdaVlPOBOTN_wP_OR5jcjEudNhw&dbm_d=AKAmf-B_xaQq0vyiQISMPK-wrqlSIQVriHjg3Sb5JI979G2lwymi1sKTEaw03JwS7aOPItdKwv63I57QjNjcADm5HYUXQ9S6e4gJseOB9lROCAz_WPH0_c_Xthd0RUwapc4YFlDzJbFYAjUwAgTP7oY_tXesMPFbwkpzkwe3tCKEjtrAZpmbImc-jto_JjjYPNPrF_dSFgxDiRaK95L21GGMOkOBKbOOM6TYxZ-S1HHa1cgCqaS0f65tqc_zJYOWKzxKWUDLdftiihCd7JCWun1XVAAJrqnzi2ypEcGLbZAW-OYNO8vqVd9kKIzGRgYKG1afubzgj4SIG-FJn48qTpjnlSMK8K2QsxL856E-5HOiGpeowScXDv6rQjhRhAAjWpEahdO5zOahJ3_BFfhhROvr5wFLh0QEj23QxswyVWOWvACfFvJxpwyZaIfpO_4bjL2pFPeWhg1mXQnDToCJd87DCE61_glvkMq4xGjJEUbp5ghzyVKvpwfh8jhQSoDT4Nv2QCuad6PRumaK36uCc-s8Zx-ci9Ny2JwFlBtav7G0KN3cZsQZdK6WaCyAVvuSnv9JCtdMfvVXmxZb06tYWjFsc7RRlQY4Y8MHBUZqkhoiOiXt7ZQs1TBeVDNy3Kw__68ki9hXCEsP2EezPYgkeaP7O6BMp2RHXET0vh9y_e0O_yR5G9GSAyQ_1f1aJEnyAVLW54wiiBhE5rgLUlU-b92RzDrO3hP1SCcZKGbr0Qv_oFs2ju1WPYxT84WHQd0yuj_3PhngaBvu82WbhUatYcH7NtetvlP6WmkLaDC7X_G3KbBcXV9r-5VIPuAX6qE_aJln0ZAeWlCaiDwO784eN5OvV950923KzzcsC_ATC1sHDq1VqSN-R3bc3VtN9At_HgjxSvU5gNYlZKETYLSHx6x7DqFsueVOg21IzKpzpMlRs99Mv1x5Hrui91yyMjcXRqpwD6nrCznNe-DHvA3HxjXPGlffrYkwIh9WvipHjIlgypAqpGKV8vMa8IFW_66tk4RsZFeGKT0-8ytedVrTePrgzjKJ_oGNF7ehXRMFgEfy9A1LxngZSn_BvIfHZqXI6REqz4D8OcLBgS6pacQS5idOACP8dc15cDSkEBcdZoMdWEMWl5Di8QRSfcjE5Z84brV6h-UZWCraUxU83ghe4RuY3ljwNrBXmMGO2b8KOmjsVZtjeR9_Yn11rt94w07uBDzjQ6P07bxZQbKGGVOm6Xjnh0bmwBsoalTRZV-DBx4_SRQEG14b_6sBwwHP0QAW7JqBJSd4pfnkD0qUbCxuan70RHqMTVyZFhRz-t6iVmEHXCSB1wZRT2FioeMlz0bNSLKj_NG3BF7PLvOFMvTj3LqwhJh5EjvkC-FTrpcXnYweTL0QQi5VKm8FQhQP_amRE0mmyvMFkh_EncVYQnj2KxroIRxB8G7O1gp7Yik44XZy8o-c-8IQMUDcaYp4EE09A7aSc6_ApJOdGiYfjMf-MOgPdf4Pz3OEAn9KS0xLV-wke8eOF2BJHUjdSTOnKKyxdNwvlEUEvXkvNbJGKJwYbZ8A_TbhtoNgI8jvgk6ASvMu8oUMGMT9IYlBktRDw2o8qnU-vh9qWpaHnIRLVoJNM7ooOZwE6L0fEiGq2X9c32GQ1jZ6dl_jdDUm_X5SdOKYCgmiztRc4kGqc8tRvX-HmaiquxNPhROn-hmOozQBzZssu8JxpjpFSB0OjdUDAwB5DF7iWG-kpH8XwC8TH4RpTFXkZqASBskou8EOrK5GG1V_1AyRItKz4RMETumgtegUOeOyPxmRNC_A2Mv8kRVW9ncM_fe09-nt65vcfIAgWt4Ua66T5ca6A6syTzJGusZD1kIFW94tvtqIIi6J_WK929pELnHVvUtmVp15mx1gbcRkyEaVcSFHM6nNt6AZmosgrqqk68OVFlF0KYrQ6xbLPApNIoDtUyUJgM_noWH6Vjzx5uV_ZH1Z3NvrfphXplyRzWC7_3hPFTWMW6B6toAMwzwV0gARAcnM4j8FYq9P8aYD8RRVp7-E0hU9iT0GBhHd1RbjAPkM142GX-dJ8Je7ZqSH2rszTdyK5DvId4Bzf3XiC6g6yLaE39fWpsPhqmwmQOmeUIs0w2PlDssp1LKgAJjiGNoG_OroD2t7bn5bQZxzeH6PqE5rJbk7uGT3s4A6fVHT-vIxG2zNXGklBdpMlFzYvRxRbGbxD6AgshmnmbkWXHeSiAunAKMn_VrHGkiTJBtwmReaLxI7_322EiofBQgAkGzw--3-MdBdeKeGdyl5NmXq0stfGpK0ifdSyG_dWzyLwLauHmchqyegiEILisc82si7LixSKQ1CzcWLvKf-ie6d36XLvDkaLFpSKThZrMsp24BRGeBAMoTrbL1ZiXWStf2gAeFd5HCrafl3IbwCJgKmiRbwKFmBXsp0KqBaHNMfKLJQ4jyRmCmWM8Fw5Djv_LmftenKU3BNKMDQLhhVnpNAS2wQLHIATK4dR8FiaAn2aqq3HAjoWovW6gbCcYdeXEL6l7HDesiH6M_xZs3dPIyLc9eZ540XUzxGrmIW-IUqnrZUkVDEX-_dTtL_z-rvpQdm5Wo4U138w1G2J7di5zYu58ZNq23TC7USZgRMAsZP4jFS8T9SVaMZ-j8mBvxoy_TkeLz3PIcifGheGlX-IGkVv99kSMM&cid=CAASEuRoc3DYcygA4N5rg-brkS1k6w&rfl=1%2Chttps%253A%252F%252Fans-wer.com%252F%240
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33936b52ff6da88ad578b2be9773ae0ec1171b4517374aeb13432bae8c7227ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9620
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 428B 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CUbPRLA4JHDa91tf90YOjDsH3MPZrKtPGvTcKmMljwQ5a4rpCrCYAod6G5lhqWsntjUH3lRyAiW1uCGOrwq91yzGuHmxRT9Sngs_XJrlpY9h6jqDk
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 428B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26194978&plc=309762291&sid=5775970&dvregion=0&unit=728x90
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:37 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:26 GMT
Server
Microsoft-IIS/10.0
ETag
"60d09d781a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 428B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
552
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1337
x-xss-protection
0
server
cafe
etag
17605089983984592854
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:27:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 428B 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Nov 2021 14:36:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 428B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6461
x-xss-protection
0
server
cafe
etag
1157727964977547826
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:34:01 GMT
l
www.google.com/ads/measurement/ Frame 428B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbjKF0TENMzthrXsoeSlXjpSoXJigVNnZig6GxerFN4k9mTT_3oEaw3x6oW323FIjfY3rncVLvFBfcelLJVqkequU08A
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
pixel
protected-by.clarium.io/ Frame 428B 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31fk54ev9k&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxNzE2NTc1MDY5L0dTODZGTS9HUzg2Rk0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTMzMGU5NDcxLTVlMWItNDY1MC04MjVjLTIzNGE2ZWRjMmMwOC43In19&sb=undefined&cb=6594733&h=ans-wer.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.133.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-133-197.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 620F 		640 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGNCO9bABMAE&v=APEucNUwdLc4b-d-E6Rgie38JOnLK4QI5rXxk8iWkPy8LVEqSgJjYKMZs_54MXfG93-FwHf1mmyuRnuVcNT-EPs_cVTEzOm7fkOgaThsPVVXdg8VXFhk7C5OH0P1W-xPphGBhmkSSpyz7-5iq6p_NA-oPSKRDSugbCskuqixiPL6FAMYL-EwVvU
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 10 Nov 2021 14:36:37 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 93C6 		13 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DbZJa8rgMnVfchoNomwN2R1Jv8vXB1E1z27MZMwAU9QqUnP-pe_x2-yxs53EE_cB3GFdvafMXVaNdPGPAyxDuQHBELvfqLyNf4AmqNVnucJNCaLlRM200tgqx9cRInUMI6vGXGzRCDsEk1z_1KIii3a6Tgnw&dbm_d=AKAmf-DIG9c3Ho2ej6nnRV9bjcgv4LfcOpDd6EmY9Jf-l3djSON6naWmKQkv0qNDv7Ch70ebPt5iYsrW9h1XsGydWZY_4hb1PEWn0MFwrMALYPSVH34Gbs5k5TYtJ8AkNeJA8ZZJUXp5zx-EVN08tlieOB4xO10NWgemfXs5wSWblcPsGOJTE65lIyKaz8UNPnc80615aytfqIjR5trCdN6Q915jsQZMmrsdDDx_AeDa-RBYOaU91EiiA-8EuEILztxsQz2Xle5yVzOFP32FVCW9PJxBXJqDSITyh9oQmA4E6fsrCd9IP2Ot-DFQe2q6bYK3Zz9tX6S-EcqkxH0Fpl8dUsIwdETRXVD3npTf7tRz0B-BpDHn8mPSPck-S0nlU4HReqgf1OdufZZlh58WRnQrvG5iW4LFeZtjegHr0jzHT1i_SdIg9dHm7A6iQHPU3nORDdcghyx9fZjtONdhK-7u-3BzqFZCH5K3Ufb15bfFo-QtgN2vmKC_4ApDJcarEOsVu2DJrW3GfVdCZZVgaCIj7X1vCGuW9Fv5wWKxPm5mcCLNcs3TRycAOFk6ZqIz40nRzv6y4PvRts23httPmwrg9u9YroDxAztJCyEzJ_W48Nzeh600TPNI3vlTMWhozlxulH1Wh9445v_u34lWK7ufMsWxX9j4vZfhwqF3p_45SYsgy-P8TIhXKGeMVhW10RV4KTi7g8MC8HqwRVxuSLwk4jD8OgkDlpgJMuRp3hsZa9k4bwhvouBb6tGx8SkyVnxXGfMwYHu0UcRiLKG0LJT6n3xjlm_wmqUwW3lvQlZ0i5BGglyrj8kzIbjOFNRpr524bYa8ie3U_FbzelfDw_iTCPbjMqcWb5PjKDFtP0mhHvORJQeiUBdQrkPAWWhriwrZl3X6gsP7Zq-V7J8URSvjcWiRmIQd0t3aUnQ1q4pWj1Y8QKFnCFvVh9-XqsfC38WUHrbQ-tBnlSzH8himDH4JLVYJfmdbpt2TfCPs_OGKT8wgdDh6oyvFbLPv9bBrhwdbqKiAq4SLThfvNhrfPf0irHii4Uu-sgzRRc3e3N1bSqGK6eLfLWC887slmr5vojZa5CK2M0rGXqJp2jF_P2IpOVaJao1aTC21Z7NCORBYFe37muqdqWCs3h79p3pKByl8zFH6tQb-mgqNG-Zatin24mm4xgsgqv3AWkOg32h6b_Cy4SMr51aa0sKSA70CuQNUJkFlzRuIJTu0-SV1evjq9fpo3E_Fh60XYqGlCvCf2WmGC0YfihA8_8wQi3L_zW-RmTPRA1RJBnL7AwSMHQSVKZ2mJSIBXV8pyXqTw-6apvrYKY4kR_6wb8_rxiACgfUslVpde6EOjf3vktWk42llQxkTaNz7OeWqDN4o8UvXJbJcejykwNo4EQz-AqE15liz0XfMCBC3zd524qdtLONgIkC9JmN6AWj5QWzgfQ9ILmJV1MfretlO2tY_mdcobG3We_7dytNzmntUTEnJPDFOkPGWzEfucSY3hnHWi9NZZ0t-OOPDtMcg2EHzF05lMGPeeogbol7dc47MQFXOuv1HdVKlMPjf33z_3CGk4Gp1Mh2mxO9_QrHWAWP68qvPMyhiMZNwVQuMHJdZqaEOXkT6a48SQWXEgubJkNMGPJcFe-Y7I1rTSzSXUq_VZ4XpiUs7TbfTH4in6BiOOqIu8zBR2Qb9fR28rrGkBXG17y2Ze-gjsygwYY2TsLkcyCtCxlnLrtny-Voc2W2bLD54F8ZEuEqoukuSj0zkr0neJKaEkob9C-MHMyr4q6BNwsRA8OenjW8VYfzKpsG_qtOiD-xKW13_Gc1XPHFqssU0cOikoF2A7LiNm8szhG9x0pLPeUySJC4FllI7LZfDGP0-p9NYjmwbZBMWQxJUYAePIPpZY3RNkrJ5P7mvonOM9tlV5YsJxqyRr1ffucryo_7Jfsd6XB_Wg5TBVNBBUxyOX-VjWcjxsQ4msqFJv8cJ3Zc6XwD28ncqTImR657bGTJJlVijaLINyPGPyWyd6FRlPq1NAppbd7_MykW6hwXGhQO85wGQFqyJjbDsLBZLpu3XwGDbb9jE7_bRE0A14W7j9KnMIIrt1SK4vcYk9iUToaBUm_10cQHRKZi-NuwKM3MX3j0G9a4aaJ3aW9mVk2vx5at8QyHWNP4u9W5l0ufvw628d7tiH2V5ikymcFim_eqBUXg2txDU9Lx-x_t7J6zArfUTfiuWP2eOY_LgrwWM6t8ZxgBBEibgAxqyonPe36rONwHrAhEfh5dsLTTYCkH1-cDqvhSUF-BqO0QKAJ2PKGxkbRw7JLZeGSVFdylEuP2J3cGFASuLKZ_gTUKziv9bFf9CFG429Wc5vHBTyZ8F0ZB2xNX6AD4NMVScu8cud6_K0paubUG5AMxwWS2_NdP1SaiCR7Mr6GiYV-yISMvXEJ8g5LR2T2Ignf__XBmALUUNAuSRcHwOICg4auH8VWG3qfx4O3TnHXWaGZc2wmgvFfjAKGZo42B9xosXDKxHntv9WI0yf6dI8kgMmWA_DqvakReIoWpx_W7KGNsBf3xgZGKS5x8YsKwCULv5iaUw4YVm7LuVtBiOPYDqbYYk1bIBmYAZ4VxWnnUWmiuhSepFDa9A0OIx4hoOR5i-J0snpVsJWahul0RPcg0QZ7t_mFJBBqOzMw4flBvCtoY&cid=CAASEuRoNyTstN_vqQyiaOxAXn_L6g&rfl=1%2Chttps%253A%252F%252Fans-wer.com%252F%240
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1179fef140062ff50395416a7dd740a5ba7e2abf053114eedb8d8c1eda96795
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9624
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 93C6 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BXrXq8WqAG3yc0_XgbfEE8MsH0HHwSEJCBGLeLn4hO8I0HS8J2yvc0wfdBi3aqwtVQ26pVP5C2kAUP8HJwL2cTkVHcudWKYi-io9C0sHXB8wWnS-M
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 93C6 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26194978&plc=309762291&sid=5775970&dvregion=0&unit=728x90
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:37 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:26 GMT
Server
Microsoft-IIS/10.0
ETag
"60d09d781a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 93C6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
552
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1337
x-xss-protection
0
server
cafe
etag
17605089983984592854
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:27:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 93C6 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Nov 2021 14:36:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 93C6 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6461
x-xss-protection
0
server
cafe
etag
1157727964977547826
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:34:01 GMT
l
www.google.com/ads/measurement/ Frame 93C6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSMYd0U_KoIE-ECIUBoawi5jubrMXeFrm__oGMMMXDNDvjfib21r6oF86GvzgmYPMOBDpkndmiLQw-p3g8LuOPGA1L4Ag
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
pixel
protected-by.clarium.io/ Frame 93C6 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31fk54evbg&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxNzE2NTc1MDY5L0dTODZGTS9HUzg2Rk0tRERQLkIiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTA1MjAwYTllLWNjZGQtNDQ4ZS05NGZkLTllYzUxNDFjZThiMCJ9fQ%3D%3D&sb=undefined&cb=7945330&h=ans-wer.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.133.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-133-197.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 317E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 10 Nov 2021 00:41:17 GMT
expires
Thu, 10 Nov 2022 00:41:17 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
50120
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6EB2 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 10 Nov 2021 00:41:17 GMT
expires
Thu, 10 Nov 2022 00:41:17 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
50120
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 53F6 		1 KB
788 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 09 Nov 2021 21:11:57 GMT
expires
Wed, 10 Nov 2021 21:11:57 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
62680
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 0B7E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05597c2428373b6c3a7234a05541ddef10167d2642d58b544503c0a33e568f5a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 970B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 10 Nov 2021 00:41:17 GMT
expires
Thu, 10 Nov 2022 00:41:17 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
50120
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 53C6 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuuQBXekHN5_HcWsXhdM_YbLzx_oM1b8o8YvSNSx2lzYTYtArCFRluhP6VdiBaR9W2FxRXKJgu3jd8WhlWAiS3grrqbLbhHGECqI2jbz-Fs78de3w6cAMMPCmjK8ijyPeTLf3m0HATFOZL52JQEWIOcu0nCN0VJLSER6yDF6mZOGCJXJPOCaI6K36X7Weh2TvwRCsCZSLt6repJlw3s-Ll7s44NiBiaf47ZCxUve7SV4nVvxsOooQBcyS_XRDWRZ2l_egIbST5kcGE_2_fmS7_UzydtdMAZncaWnsZRzf4Sfm74el_kGUI8TERmVnuJILx1UeUoV51wtb7L4WAVYst18jc3AbtXMp8WD5OCgPMdTlzh2tC6Cr4EEeJpdctfAyihwUB66IPrXB_9gt0f2VYVyr1ZBanvVpAFHeb2dfXFL6Omhuorz9uwpXevSTLG2HAUI-WjtevsmshLTLvFFK6T3f7tkqxcSDMOCDqWu1ZG2rRtAEu5b6ZGb0b-6-vu5lOXE5WPp3wdyEkMCpALAthT7TrqRDHuxA2MuJ0pc-xvN8XuUc-efeXSix_PsImoapSaaByNz2xEMDhVEQsRLnCFrb8K56jNMlMuiqMdtKC_JcwsQWQ1JF_guwhu6LxOO55UkhPHb8hqqaRB-EdvIWY4bJRY9oGep4EmRclANjVAYZJbutF2SIXIFsKglXybQzI1QY8CkbSwArYd30_MtDFJ5P48nDEK3IEskQqVhzgm6cUdjAtIvXciZNXHQB0xoJ2fHeP9a_AvXAT89GSpz6NyeYDzae3erwNRIfByD5aIqz_qXn4u72eYipw5T8H-2PV-soUodttPRTkSJcHyQn3_1_rfJ8RWGWuogaYCln1erJ9ASpvpG0f16R9tHRQcHzCOQLqCOgNK__YMP6v1Cibsg0nZzIpXZAqUoyjmlzLX2rJMB0SU3oI2-L0LlvbvCUhEbbODlaQaJDUbHZZY6uVkdROvxNEQUW6ZiF2c3wOeH_-QI-R6H3egaz-3pIBpr9O0JJpkb-P0Nghmf-ksnOykNgwsXIsxLMVqc257UspAvlDgRTpkiAG73kRiNeFnoe9fIhce1kFrMTSGmXxBwUUGx9nfPer5IURVATvxOeYBTdIMotbl3bfud1st1GLw7hPZ7V2Jtk5mi_n7zJBR67G70IpkEMmJjnI1QbziXP4oFaoQHaRLhOfuQ83EgyJSk3fJ-RYaGarc2p0zfwbH2_E6t9hd&sai=AMfl-YTdaEmVFJmrbUDLv8EK018S5r6tVgjfhZRPcM-nG0vSLlCIK7ZcaK_e8dmcNqF47Xs7khhHu_XKTelWvKWmmgEHKyI6kb0YFV4r_IlcjtDE39yYGqZPent6VXCjdwSbIYUmnmpc3GJ3Zaav4ftJB4qJueeQHw&sig=Cg0ArKJSzMCexAmzy-y3EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=351&vt=11&dtpt=350&dett=2&cstd=0&cisv=r20211108.54114&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKGz6gqyzDA-4wV0ixGumEtUIVMJM1zsBosre4B0kOroUMhTvYR6Rf9R9tflSZi-cIbIsvLu_MXFEobcMhxxj72daxjJF9FcjmUaWZWL8ld2JE9V4zVWQ0iqwbWeRZKGZc47J2bCCfYosC96zYd5Qy30waoA&dbm_d=AKAmf-BYKifScTRinWecZwgeTtJVgv3lffUUBq7JX-9vgPcHaUzSwaC5A74fPUIwZVjC9fbldGZfiVDiQ4o9nDWD1p7tEEQdl647KN6Dnc6KyMz5u1CZATnBb7X1ed3JDzNOTLa8wokSrapuzwo0KnKjgT8a4ls6K_d4_BDfIJfB7A4R2ogkqSwYdW3gRFLyfmJjMVEJdeY-Huadyxb1spAdsJmg-OxRVxGkSesLaTd_CDKwICNldMCCqXB2OYLBh4QCs6ZZJuDyR6ZLidzPfpin70RDFuHkMyHax1GQsCo4U4cYdGzC-uaP-9XndVcLUXVXIPJDqKjr0B1oY3mx9kIKWmlzihBZxpfThGDb000ZILk1i1DjcgWm1uF6kYNZpgtVM1pieWkjghlqn2jwiiorQnUed_olC17sfsjvTNybL_GGDKDkwbI8R0tLnopBvUoJmx8eKgQR8pQ9CSMahJ_3JBdjTRdbM6JqvKQdX5MZfJWU-EHrMKMfjxaGMtGpouV4EdqclAeDyvZx5OC_1Hr9HOO8TOSgnB5F_hQEf_8NBTgOkSIxOR4I5Uqa2-jfL2GV-69AKY3qdZ4aZO0AvKa1Bn9TwvHKFYt4JdBR23UojmUyDyiqIY9nYwhp9WP7RQLna8XsDJzXu2WOSj_pE6LUyXX5T2I7tFr15Rz1qCoT8POkK7HscVQhwf1Ohuzr6ju8B-A1PnXu3TnfMR2A9UGUfBKW3qXHl91e-aF-AoN4juqyaTEzzUyahmcXAmQYd_nv3qwyNUCqjzXt-y22XIh16xy1HpiigzTmEEkf7YSylF527rQDqZVrdBlpKialRgoUpu4Vhn-gqcyBLc4ShC0AEbivXUjunfPhflEKh5FlK1Tn37oeD53DXaUfdfthQ-2Nhhpp7ITwN_TPzMvUzPusROE8q_l1QzFpiFN_Yq2RwR0bKvv98Akrjjg5VT8sQfsyzdu5OxjT73PG4GL-xFdMhnO0yIeL8EficKuvVDIbOguwJ7WJzNnyIR3HcZiSXCjFfJw9A80vhXMLK522jv9x8W3WYFKc22nJCDqOTq7-0nOSg4988P70yDjF7aKbFjqoTg4WTAFJi0rAGemAI7eBrc6RrPAKBvtFNnWQeBtraHjsFfyJn3b-nO7DPd-rG5W_D9GSUtHo8gLfdOYWnmGd-pSmsJZQK5pjKnvyhr2Ekml8IqlhDDxR8ikONskm1gW3LUTZOpcqIG08USFz9jolBy1mqWM-EO2FojgpENxfcAyWR5zjzi75iSNpUxLRp05vnCl2Yp3XLQ9g_kHNAnEKgvgrDSu62Htp-NS99U1my7CCcUMHzD825-LLuAJQyTuiGYeSbuMYymHxBO_Jf0riC5XMnyulAStEJNfcAXT9f8XbbtGbliH3COugxwb5JQxbxQ7xHRE99dc8iYBtd6i3m1ivOP3t6_j5T4iiZDuR0mYlNrjDPQ99EqUj9curTi4ih0aJvraDtbzSvAhKmjNghaH8OZ4pXBMtX53UNGKWq-4DTIo4o2uRs_ZzDcFhhoaxCzKIiiC3_j4S89nNhuitkm54nxo_eXQTM8-yz9iJIWCP1AryQBchmLydgNiVA9twAwEip2M5b8-VFZFNwDSBtGcaboMxJJzPj2U9ot_a_VL-ZFn8FZHlH_2RqE1J2RkEuM9DluyyMBGSPOv-1Y1HgC3vfgp7_-y60eRG6wTjd9IqUKkxJcH6fI_PlijPgjfyiorvWSFDiCTNR3K39eEQ-8nZLieNhTePQMTqcnluVCIccnHelZ_AaLePKC8-LlSgxYYwT6LA5GrRg5MUwLAEFn7lrgXENVoB5NY1ti5QegE2XlehbHIO3kg2LYsM0836TQbvfqgnM-3mhXq7FBue0H6PCjoD3uWNwwDvrV9UE5Uew9H6_pQGeExQ3hC9f64wBB4hsqSOB67iLeDTDI4-Z1XWnT6q1iVg8HjV34_qvJu2WSJ7vsjGc-e-1EdNEu1mAiONaXo98lFPEQIG2ZnsZqtlEHeDADMAzdlFbSOO4hkE_pz94yMVpqZdfD4_tLkftknE7dKVNnfxwER9dNT7Kt1zMDwSCdUfpdcyb_--8LJAW3KhiNhBmC6g_6mBaUy_r7TxOBN1sIcR-HgHBvaMZ-fABSLUQmOtnXd1ddZQkURTM11qki6F8SAZIL_RjHbWdKTIm8asGpF8wVUEludDmecgSJFWFnJt0Xldf2931oUTiGZlKWSQmNi0XOF3BM0dwCRY3DEAtaneCjmX0_ASvTOaIHfBqfKQi_JMFnmuXReW7UP9zfxfEGSZpcKn188GqTGqsx32MU1H1LVMnkJDDlHIXqox9ahm5kMvCD0M-P6TWEnATOZefSwl9yPT006WUJnqbOyDSv4KSvh-2j4vMFdh_v4ev9kNRi_ca88QqLM_sFUprdIeaegNUjd1PkA_fj1F2P6xycifO1guOWuxwIM-E-esz3bYt3wCGxjlzZVbBIATcwmxR62i9hfV2DZM0oDnlRrIVS9vhdDoU2O0VHWInkon08N33eQGbdL4qNBt7jY9H-HQppVWTFSp6EJ97ujZwUWskTkDashrKOVnTynXW67FvT0S2ehxp_-jra9M6BXgohL0rd_EzVJtkmjEiOoGOP9_4r9FSwBWnzhAxV_o-9uq8LYGDQTrIUxtUgMTeaAo9XwlojG_cRopEHewi5h7KswxRFH2gmzGAuBP07UV84RJvklJopPjeSh0ekJWadzrkYE9S7w_wwXUnOj5QJDbx4yD86kY3njn3ZOhKCtBCLVqnwO9GimfhZVoUra4SntqIWJa6f9TVqdP7gHsGbPZYa7aLtAjUqQ8Z_kN2Z-jgnc5FcM64BKkh8VlpO_H-heJpi8Ql8YPLxNtAsubQinSCI8x0m4zonxvbtFktaXbJcphWjiWJol4x8jvKq_f8mbv5lhRIE4G_AMQnZbVtVB1fmmeCfQJ3RABu7nTvLkeZAyfxrVt_IR2_EIyDcDM4Ic85rsqTo7b26AAgnCz41EjuwzS&cid=CAASEuRo5nVLOlW49htetmvJ-UQY4w&rfl=1%2Chttps%253A%252F%252Fans-wer.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
bst2tv3.html
cdn3.doubleverify.com/ Frame 03B2 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=84310
Date
Wed, 10 Nov 2021 14:36:37 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/ Frame 612D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_814439770351&jsTagObjCallback=__tagObject_callback_814439770351&num=6&ctx=3758893&cmp=26194978&plc=309762282&sid=5775970&advid=&adsrv=&unit=300x250&isdvvid=&uid=814439770351&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=2.60&dvpx_strhd=2.60&brid=3&brver=95&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&aUrlD=-1&m1=13&noc=4&fcifrms=30&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTau2%3FD%5CH6C%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau2%3FD%5CH6C%5D4%40%3ETar9EEADTbpTauTauaagd4d__%60ecgh%60272hf5%604f2__3776g_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau2%3FD%5CH6C%5D4%40%3ETau2C2K%40F%5C32%3C6C%5C4%3A%3F56C6%3D%3D2%5CC%40%3D6%5C2%3F5%5C%3A%3FDE28C2%3E&dvp_exetime=14.10&callbackName=__verify_callback_814439770351
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
380f87067578276440fc2a5b6f899eb27bf1e9a15ddc26423542fa1f95c55e0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Date
Wed, 10 Nov 2021 14:36:36 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
11/9/2021 2:36:37 PM
dv-match6.js
cdn.doubleverify.com/ Frame 514D 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:37 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=19322
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
bst2tv3.html
cdn3.doubleverify.com/ Frame 0C47 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=84310
Date
Wed, 10 Nov 2021 14:36:37 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/ Frame FA06 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_399233496417&jsTagObjCallback=__tagObject_callback_399233496417&num=6&ctx=3758893&cmp=26194978&plc=309762282&sid=5775970&advid=&adsrv=&unit=300x250&isdvvid=&uid=399233496417&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=3.60&dvpx_strhd=3.60&brid=3&brver=95&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&aUrlD=-1&m1=13&noc=4&fcifrms=30&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTau2%3FD%5CH6C%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau2%3FD%5CH6C%5D4%40%3ETar9EEADTbpTauTauaagd4d__%60ecgh%60272hf5%604f2__3776g_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau2%3FD%5CH6C%5D4%40%3ETau2C2K%40F%5C32%3C6C%5C4%3A%3F56C6%3D%3D2%5CC%40%3D6%5C2%3F5%5C%3A%3FDE28C2%3E&dvp_exetime=12.00&callbackName=__verify_callback_399233496417
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
522f2bf913da5c97e70255bb95ab518c2697869c8f357285f0b3805cb34dc63a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Date
Wed, 10 Nov 2021 14:36:37 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
11/9/2021 2:36:37 PM
dv-match6.js
cdn.doubleverify.com/ Frame AFA1 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:37 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=19322
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
pixel
googleads.g.doubleclick.net/xbbe/ Frame 55CA 		640 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDiuNr0Ahiov_u4ATAB&v=APEucNW7SOO67x2-dbLGC9gIay8qdNiaDF3wopjkL1bYwWXLfwlCkqvXCN2Xv1EDcyfae3pgXuF8Y_WZfJ-WTzTCcFOM-hpwfcqrkLSbhCryrkg7oqJo7tRAnEDKVz_jHYXJCzi3sU7Eh9xRocbjd8epTVVZIukc_nEU_FnZFJLEvcJX_cb1b60
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 10 Nov 2021 14:36:37 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame BB0F 		25 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dp0cPDK95tIIHijqfoZpcv6e060MHpzcst2DtYuGXOLk81w2xsJmUEHZ6Sv7ylX9Q4Ie5vr9lGEqSZieT5z-0GUiyvUG9lixHYziQN49xx3gN5eV0QuqGOZwbNQyTTClO7mGqyDXkYcEaNqkT30DibB3InQw&cry=1&dbm_d=AKAmf-BTGCI_pa5ClHRePDIgJMxSIemwEEOUWNNS-XxcI1g-s-lMcqzQP-JG7JyvDDBwwy6doUoEVHGXKTtlBNJ-7_jEluRWRPtsAVAT27qAUVsDlEeFiYr1RD6E9CBmpiVLQz2Khix1uhqXQ1evZgoqNChTBEDd14Sadvf2Pv0Mg-Kn81r_8nSYogEk8_AwXOiFaZG8VG98ABzMfVsebBAQEjO_7sKDiZcWhaJg35Mknh8sgRRskbowCK5oLKAn2XACZtE0_jHnPuwTDsHGCFZdgwCuXdH139i6vGi7Pt2lxf7Bgw-Lia2KGWwATCfgrTmh_vMSBX5sb39LW_ZEPlIKtIBD5oYqFyGTxbwd20noSuEm1Hy8nGzk9xtIjQAodzkbVaJFAWekF1u78gCdcyIlCcDB35zqBYQNDDUmp1Xml4GJUPojO3UkLkUtUROikYNoGtNoce0KRjcMzm8GBlTUH-kjZiBPQ-czG0zAEOisqcFyBZ_ZUkEFlbcyykhdQtOfJDYzBVKeuvIIpRKZ0ZUYPwAC4dkOrGdS1Aoeu2XDlHPUMvqRsO44qOVIlB4QBxs8yLtPxXwYdA9yIKqHqkB7kvJfJ5lbscqXdBIkHOk-T1GuNOpZUicSzAyE_93Zv8c29D-O0vI0mMU7gBxtzTWxfu_aSvKgB1yIgF_rAW10BZ5AeIgLExA6pWZsOnpZWc6kGTUuUZ8iIafg5Kb2PiSjftWh7xY4M4WsG8hBR4oVIVTmA9kGKRKnLXMO9QFJR6JXqcMU7XGJjM8LAg2XHgzjDuwFHD7Jr8otjdf2uGm44QjHNmQXqtrdwNkmOIy5qPo-mdQpi2hp_dUZnlYZ5akodSy-lnduinpV0tLn6wgm-DVo6Yabh8R4YI8JkRzZuSgT4vs0fySBcuxgAVyUgt7GXltR1LfHV8E7TxvVd7K06Av9VNwYgny3Ieesz-yIMhOTfnFRecII9ciSJpmvkLvZbw9X2n_MME9XiWJlDXgSjOsuK2HgE3BiNhxeh_xhjN-D8X_bp79pk2PicPQrrQVMnfs9cxvGTROqbY0UTW4eroG7oI-IQWeJEMcOoiMTNiO-nKDWvfUy2NsunvwgouNKnt3-2AAkIdV3tizYf4dDPvZ49p2N0JYZ4KNZgT-7a3A7egAyMqe4i6lGW7xv0TnepkgNTLoYWMFrS6oBIxh6FALNMmVp2vpaVAHGvGEf4ey0uBzIseCdK1NeMJ-vWyHZJEIgdAfYbD4MIECX3rvAQmSbzNNA2GyptSORJ9MurFQT2Nb8_ww9BpR7VUVr8IO07k_wvaoFvuZSpD6AwDJI31QZuUEXDxJPLQTytmK_6bBmhhYe1QPGU_o3QIem8T8cpmdUJKtHeoQeD1sKNplLvG-Y1o6F2oSZxhL895B4vhcLJWxEse5fEhjYexzg2-UPcUsAYiHVF_esK0FwAPpfM7FHm_AtlQCud5zDsi42blutis0z943HfBSrShILgcI-qxKiPeCk8r9ZNa1WLxcD4LQ4x3MwziFN5jDo3Qdzvv4zW-dFJ-PkIGwuboXVifJSNCuYDSMEbRCGboqbGOMb-m8P64WmGMbdV2Yzo8UncYOQPjIP2_OhfD0sNJ-ndX3eIfTbrTKEjkxUOENWVW8MjDPUpWFNUZNgiR5Wy-XkJHjzh9rYSzSdtw1pWC1wX53yO3ufeBBfXfpDjzZzYed2SokYumuWnIrA6eIcpJ4x9l9dWWzGUtVfwJLUVNnAIJq9HpIioIPD26ILiNsAInaVGmOYtgibeZ2SGRlIalLymI1_e2kGTJ5acTkbELvUA2IdQZeIQ28qj7duLABkcH7Jh6OCLItxXys9UQ7CdjQZDl7_EodB7NnQRvYQ35y8DN4XWgFw9BeETJxZeWi2RXvyYF030LLVPL30CShU0vw7g9jjQFpZfVbSNrBWamnxeOQO3DXZTPhEJvxDlnqOgbueO1jv0A4Yx8d6c6GBWNscEzL6AF5hxc9U9hmVGBi1qv0JE8zFYIqXfAlv3hQFolk03tFFOuqxFdj54YV9hzudbITVC39v2UZoYSw4wOOY2pq1Akk1QYsM2_y1KG9SeWyqD9Qekc_RjMCPs0ThnkyWZ7wXr-thV5in8_8nEaoaRZObI_OT2VIw6o2NPZ8MJ2wWnsdEV6O_CfHt27_Ev-T7OcbLTRwti24i6J63QA_zqwq5DM-I-6gRZQF8X5oqDCk1ltRz8qHZ6B_Yiv9ZCXZIFz6GQqSrPQsn04qz5NM3cIIOOrdUdGSd2X17PeePKo8mBdfurLXkH6XAeHIXI9j9pf4nBTMV-Jv7aUQiZ4u_qqANak6HFARl7VoEX0pQ-bFIUvbdSunslMSXXnBGksW78-SBIZJd0LTT8ubX0iHj1Vm8QCZQC8yMRi6cTTmGk6qpF4zKbJZ5GB_0baTb_VkcmSq0yMX-yYeZAgavlBVcc7FPv1KwFTvJdJRJtzlQQ46Byt4PhVxSFHvMwQL2l3QFp4MJoJN7gVKOZzDkwzD26QFV8R_72wCc_RMK9ZZWPENmYjiw5GjTzvpZFRx0v1YZYP0-RhYXW7QdqKRwHWLnfoipZ-TR9Y0qmoGC6eJ6RvrZnH0tFgRIuk6AjwuWEPNUf_s6Y4nctJM8jtAPtk5cSkAmRIEu1eecnbfX3epQCSdlU3KJ2_mhYP47S1j4Jy65uQ8TsvycyFuWgXhtxRwsSAMD6uk2TuJbvod2pOTQZraDBDgqvLL2nZpLZniA6lDrMu1_x7ZHDwxM_3mlHimEj8HSTwomLsFf1W35v5O9ni_jJ1IoxKHDxuMVRUR3K60r8tCUu2ZRIfz7eOlaQI3_BXaL8SZqfXhVkEgwKCUPcdzHxvJ3qEBuc_YaEnZu-yUu-y1lpcplhk0927sXCTA5LFyHCAsRpyQj1zigwTF74WsQGwH4thQS0fTdwEGuwIkYFXg8p2j00qQCMPXir_M9zTLXhl3Brv3NRGVR16z8EhotwiYrEBgFO7o&cid=CAASEuRoIMuvR8boUwk1slUWWoM00A&rfl=1%2Chttps%253A%252F%252Fans-wer.com%252F%240
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a9546cfa625b0f24bcb03a0f9cd46bf7bff9299ad6e17518853ca5b15bcbf8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15050
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BB0F 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dts8gBkEkDyRN1K-cyzXCjvE4NovzR-mIfqLA4HuXmcFdNxBs6XNk2ymL8LrvIXAnRo96PNGQCn5_3wWETNuXHeH1qOOZ_C2LH9wU7elJ6HxTTKs0
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adition.js
imagesrv.adition.com/js/ Frame BB0F 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:37 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame BB0F 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=4699120&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CqMQ39NiLYbGSKcbr3wPE-KioCY6ywoxmsZyzoIoP0K_k1I4qEAEg2NXYK2CVupSCoAegAbXy8pMoyAEJqQL74K4rJGazPqgDAaoE4QFP0OFDoKJBb5EAZE0AUWW0qSm6MQKSAF3xKNsZ74fgJAbk90GQnJIlU940mJKDCxrqPtZKeDYgkqBu5z6BLP_bNchTkUKYAWQNdcbr9nmlGAmfVEVImwOTGOzmd11T9Z0j9u25MfvffRq-lSuFBo_O5T7m302SnQsxDv09WQdpPg5GyzWER5c3PgkBcJb4thgoRnR6uxq6gYFEAE90yzs0bNQzBx2bwm5l5wUz9whuw9y7aKrrIhav2TiVE7BKyd-Xdpxf2_L9drp9u7WtB--KdnxbM4YWxPyEp0IiLBcJTXLABNLkxInfA-AEA5AGAaAGTYAHtarD8wKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU5MTY1NTI4NDc0NTI3NDOACgOYCwHICwGADAGwE-60iw3IE4mT1t4D0BMA2BMKiBQB2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAASEuRoIMuvR8boUwk1slUWWoM00A&sig=AOD64_1zU8hjy-Jry-4IywMcCT4URsP2Lw&client=ca-pub-3944954862316283&dbm_c=AKAmf-BmxdXpBRahsl5PX7Vmd7DlC1fvAU4BeMcUgz_HVxzVsLPq5wlzMCBsCpGUEcWQkryCFIhn8wFgTWJ23VLKeyodkgx9c0Vd5xZfta67NNAf2zzokACXwqr2ZHvA-3UWm9zjn98zdGmwCYzkejKlBtF-p_y4pA&cry=1&dbm_d=AKAmf-C39MuapB0K4iEz2GR25PFWWeHQB8AUGkfGU3Eyobo7WLnfAFNyWR4pyDikng8f3rwHiS7XhBR6U7ywTDVI72m5TKBBDhF6eoJle0Gpp-RMVWwK_NjwvGxEeV2GoBdl_uyfW0o9SxuBe6Ejsptit0XwEbJxc6wxpic6CJxc2uwWHkuc2Bf493f0u4lvDG3e-ksG1eiAV6MYeLEovd_wasJtM5-BdwKKHGBa8_er5jHuY85IeuvF-OWYJmjQNrUE4nuxFRKhGufianHXbMUG3yLZqadfYqdU_Y82c2UrekGu1XPfCwfIY4kO8YdkNRaoHU6q6Zu7OwL3gWqlIvjqTOl7rYRHAQl1zfAwTev6GBpj65ov_8BlHX7_0sMqnvRfVYb5HYotg9QT2VeMobGC7XPqFyHyRSpYLXv8RPEIro3jUlKeHeIaDBlmeRQ3eQYJ40SAMt_iPlPpNR1APWkvZC1BvLVccFedirSeZNCMp8CEPba89bQgZm5m5_-1YZSDrwpIfZUO&adurl=
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
b0f73d84e33a1642bb54962406f5e78e930e6b929df1802e5988781af492da5a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 15:36:37 +0100
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
cache-control
max-age=600
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires
Sat, 01 Jan 2000 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame BB0F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
552
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1337
x-xss-protection
0
server
cafe
etag
17605089983984592854
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:27:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BB0F 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Nov 2021 14:36:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame BB0F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6461
x-xss-protection
0
server
cafe
etag
1157727964977547826
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:34:01 GMT
l
www.google.com/ads/measurement/ Frame BB0F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSsK2PVNMDXqdAw_3OnJ-9T4xFM7cCdi3fxqx34BmbQHlJ2Pf9cl0smizD6_7fpZ7Yotv_CUqMiQx_nHf7fm_JXxwi88Q
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
pixel
protected-by.clarium.io/ Frame BB0F 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MTYweDYwMA==&v=5&s=v31fk54evj3&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxNzE2NTc1MDY5L0dTODZGTS9HUzg2Rk0tRERSLkEiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTExMTE2NWZiLTZlNWMtNGQ5Yi1iNmRiLWMyMGZlNjU1ZTA1ZSJ9fQ%3D%3D&sb=undefined&cb=9760476&h=ans-wer.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNVFl3ZURZd01BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMTYwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.133.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-133-197.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4BC1 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 10 Nov 2021 00:41:17 GMT
expires
Thu, 10 Nov 2022 00:41:17 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
50120
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bst2tv3.html
cdn3.doubleverify.com/ Frame F062 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=84310
Date
Wed, 10 Nov 2021 14:36:37 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/ Frame 0B4F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_703326476435&jsTagObjCallback=__tagObject_callback_703326476435&num=6&ctx=3758893&cmp=26194978&plc=309762282&sid=5775970&advid=&adsrv=&unit=300x250&isdvvid=&uid=703326476435&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=3.40&dvpx_strhd=3.40&brid=3&brver=95&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&aUrlD=-1&m1=13&noc=4&fcifrms=30&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTau2%3FD%5CH6C%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau2%3FD%5CH6C%5D4%40%3ETar9EEADTbpTauTauaagd4d__%60ecgh%60272hf5%604f2__3776g_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau2%3FD%5CH6C%5D4%40%3ETau2C2K%40F%5C32%3C6C%5C4%3A%3F56C6%3D%3D2%5CC%40%3D6%5C2%3F5%5C%3A%3FDE28C2%3E&dvp_exetime=8.70&callbackName=__verify_callback_703326476435
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
355f63735f316efb803ce8110b7321542f6533ebed34cbf4c0eaca19c74f72a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Date
Wed, 10 Nov 2021 14:36:37 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
11/9/2021 2:36:37 PM
dv-match6.js
cdn.doubleverify.com/ Frame 571E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:37 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=19322
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3012 		640 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiZkL-5ATAB&v=APEucNVc7leEj5lg9_6ELocMQhhrD1ZXKavTm04_R6PWKhlNeriKarFHim47N0O7O81DAzVv8agVGQBt_3M6EBoWnneincQ6MhvuTozElS6IiyHlusWkXZw1c4y5k73I-BDBPiXqHnpJrLMSDb3iafkwJUAMyusfazuXpVJF4qe0GiMlXKP7NzY
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 10 Nov 2021 14:36:37 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame C263 		73 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bql2ZzQnfMDSSi3nkfZho8745Muf7svAV0OUA_pZ4QjfKdGPAeuZBF2duehjIC92EQunbNxb77PpYEnRlGmgFbqIkmnzi4-OT0RahlBMcg5TdPDLFFzdj5AmfLn-zW4lmo2qzGL7w6jSE3-H47Q6Do09gTug&dbm_d=AKAmf-CcK8LWhtU3ZFQ4eAzL1694_Q8wfSSi-vQdeLSQN-yGWjTSr81dnWbWrYmSccek7lt5xrKeFH6L9-L8mX5vvlzdvtm6Qg4-5yMTyyy-QTr3Vx9dPQmmSNlXzXyDExEY4kIBhmGIEu2LSm4AeCSEDkB-eGOomIfPVFhf_dtFzYm6TKEt_AGQuWmPnKBNvxsMjv01s72RpDFi-0uGpDWsQtWiRFMJudLZTxGQ9MPO_7DLLljW8TXqI1KiwYuv1Zpc0WXNSaAzbmh3qKGqlKSr5Z1Fd6YdS6vU7Ra4hxntsFMJl9730p2DMkUPgomYf5U_sAx7s7yOQlCZLsckX9LenCXLjYdpw_VncldfzzgHmVK4TqgpaGWiLKwOgyJXEnYEOLKckfKW2vrpo2ZFyKKrxiqtJa0b8znKKpFIRUYEzdvm3cBfeIjf4uIIVNA2VM_I88p6qEk3vMO57XTm2cj7XjPawYVBkDXETxyVHFlpDYLasKph-Tv9xInavsuOWgOlw0MHpXeTiuDAFVTqcSZQPUqC8mXPRrUB6SCMxCeo1Yk0BIds9_wWDzsqcIBVfSNWkq80xQUopWjZmDZRDwe0XBKL8P1y7BXLdO9OggaL_8Jcj4k80XprGJYTOYJknOthNMRawUo_ox8MHP_UWbkDKd7VPCKtWI9VFVPdqA00olGL_R_FedKkbW6cpZ7kgrnpZYxH7Pjkh5ml8cU5O1VpsbeBTrVlJPT1cZALPuvRHZtuti0RBqjrgpmC9WKRHjfhf2YmAyaF0kCR0sL-JX5syl1ooq5OLa2tdoF8KusYgsVNBYti94GOoyHeXwQb1uX0uEuPm1m01Lm3T3VcJs62jry8RaS3D8SpaynFHU8xQgxrWCFaQV9A8B640OiZ__G5BDlj5GQ18qw3pg_1NxZPQbKO1ZCV_NNFTkyiakNZGja8X9VhisIIz53q-ekpjBNR0NsIpFJDQHIUG-EO5Q8wZmv7VkxQIuh8VykSUxev_aEim7CTzglx94TnygAvY6yMpFZuYe1xSdm1EqRWlrxbIRY_Co7HTk0AoPi71__aJ0D4nScUUOytnAr9fNXGe2K-3qhCnJ0ZR1TCGoGqNpQDhrxAANlcxiuJehmjVSl6quvUG3LnQxwiAeC7EnAPUumr95sam-VpXI-ifXFaL4mdgF5P5rMCramYTkqndxoiFZVbOdnqTTcATNuowxxKxIz0YHtAopItlyH0Bi89AZ4nsyr67F9NqETn-gSMdwXdDN_Ht01VruFiLhQSgUd-vnGkwqnT_bKvuFZvU0EM2e5yPSREjqCWoQMrcXDg1oon62OD_jaMJ-3x7xwlPtibCX-rkvkA2JG82Cs68GOo9_oRy4_7Le6j83SZW8Nqbx9Vga9X9co84ONPc3e2BBKzI3zMQUrWdFFx23m2rh8872q2W34BDURTgiH-9xLfREkV1L9dXmoRJhnVp9MAnWtmgB_hs4JRx9CUSrqeohxm2VmfBpfB5RJvm9t2_vedAqpUcp3wpL_yqE-sCDoJfmixOg-bwQ6sVDVhtC0hnGChxRQ9mHiyDEd_bpFYBQkrUinNzrVrBLdK83xRlPRIWOt4IUAPUqYJVExjPDdv0PcIQnxsvW5H06_1YZAZ3K_6ki9GDxUleOdoI7vtqa-K3_N1ZgqvnaTCDFky2P8L7p5AWdJ1Oq2gJHmxzvMG9C-Hl3GhbCtBqS_FnlDgnImaLRxv_W3YXB5uXg2NYfVAEbpuBd5XQJ59G8KF_S_2XUfQ1ysrhkQ8AZGxGDsCTlt8eWhx10mbj9AC-d23HjmoliBv1o-nkN83bN75lMQjI6lKsjICKXgxwAQXGKDmzTIy-EjFHM_EVRSeyksJGF_RZzI15amHSVAYeFiJmpOO1A_5oA9nJboqGSBZIdWcUL-5k6H6ED0JlWXduK4QxsXre-c_oxz3sqhh-zekY-_1ZB2wOiEimGxabpxscDytJcSxt4TYmOlRtJmJg-QJ6qI8jwUTsPyLi0dPgFtFYJ4bvjMjVLsoTkbBX19pVQp53k79RMwZzMHnRU-d7I3ZtXKI9Q-XbkjAO1RJseqnAXFwArH1Q-k1zXyxZddD1yPV6zhp-hVzEkVdom1aYlio4F3FmdIWa_TiC86xN_sVCMZGGOIqwZAeGGaIv4iXK0YbhMPNP99Tn5kTz38CwyiLqu0crWsS3Q5GfuG8GGJ6b4j0q3if7OubUTROqtN_wOzzbUR2DZCfNpPD-jq-n0bfVWytMCbyBe12MT_fzOlZmN5gdueOu_Ojz1-teN8S1QzNWLUvSahmdWyjPabYZRffZyKUFM645a1FPvQIrffYvJIaEvuj1lTkPwJuDaGi7RxMRWYXaeS78ijrzGCbdmZeeO4DX_RvIh5ZpsTt2ReYaaKYaWff2z7HsupLvH16Oae4LXI_HyVjSbwRzxjVDgWl-SNb3HgA06UgA4rF3ZScGPodXjA2fZMEXJIBa3-a30Dp3jHdHBhJ0muRfoGloqqxAR-vd5kCFhOeHfnR3x4HzJrx7mbcZ4dUwLdrhg7Z6YSv_UQ5WSMNBlEkeX88EBRxntLQRt1_j4zT7nSoHP43vfgpol48TDfBTSmpIk076S377b2h8TTtBtgLHRxU4rVLabCUfWsxBXrfuPEHy41jD-FXdlyGePIhSJWp7shSi3weCHrzr26yXXxLgFv6XCOLNLa-ShaTlkSFnp7yHu9v6RUr8YIwLbXe6SVpAfzSr72cy-zrWq7MFz4h76fap9ZobA54zTC3-eb0ySOxbV_WhyKh3qQjutbJ6c5tFmOQrDdjY8uIivI0u6eFpbvSQfFeHLQ1xoqIT6DlTNNBniwM5bG0sYeaenfvKoN6Jz2uNXRS8E4vYUW91YiQ-TOs6jzPxEFKSZOiDhEvoYZLkEQ8pjMQJiZK3kX2wotCH_MElurYgHLG6Up-1hK4lwo2cpgLGNerLSRwwMw8aEXSFolVwyBr9vxZsRQgN0G-uqv8_hJN_eIYPGDoS6UgjVYiUvUc&cid=CAASEuRoX-0n34CsnitqZybs7GX5wQ&rfl=1%2Chttps%253A%252F%252Fans-wer.com%252F%240
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65f598cd7e08f06ebc9c9d7f69d3e1e464d41d311a67a7d5626660cbc2cfdfec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30882
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C263 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CapALsgWLoKnUl9oYBOkFY9dReJCcIQNqu5Q8bUQiUw7Xwj_uz0KF2sJ9XWa1zYDngHYSGQGlQXPqomU5L_U18cTaR-kR7_wDyxkKbmd560wNAOWw
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame C263 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
552
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1337
x-xss-protection
0
server
cafe
etag
17605089983984592854
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:27:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C263 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Nov 2021 14:36:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame C263 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6461
x-xss-protection
0
server
cafe
etag
1157727964977547826
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:34:01 GMT
l
www.google.com/ads/measurement/ Frame C263 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSd_IB_Uhwaz0rWBoqjrNjQxgUdOsnwsU4cwvA3AK6-BGRQuWt_8X_wVkWyRWd77O4_FeMItjLNt3I2D879S5R6lY4E-A
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
pixel
protected-by.clarium.io/ Frame C263 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31fk54evn1&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxNzE2NTc1MDY5L0dTODZGTS9HUzg2Rk0tRERBLkMiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LWEzODZmMzI3LTE1MGMtNGYwMy1hYWQ4LWFiYmE5ZmFkODI4ZSJ9fQ%3D%3D&sb=undefined&cb=9100370&h=ans-wer.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.133.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-133-197.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B81B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 00:41:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50120
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 10 Nov 2022 00:41:17 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 428B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 00:41:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50120
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 10 Nov 2022 00:41:17 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 93C6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 00:41:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50120
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 10 Nov 2022 00:41:17 GMT
sd
us-u.openx.net/w/1.0/ Frame 42F6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzp9QIQhKu2-wEYs7f-rwEwAQ&v=APEucNXWqdxBl9wcW5UEuEaEnm6jaKt6m_iFP5siqLFg4EK-nHvOjrYUs-ze-kZpgB85qsj1lxSwwsDmiNT1v8Uolt-TRVz_1O9036jvHaX3vqW776v9cOMex0fGgyXpDV4ROdA_EpO27VNzVtBWwmqsD1SnMcdb_JXWlwoaW1Apx8YsorxQuLs
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 42F6
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzp9QIQhKu2-wEYs7f-rwEwAQ&v=APEucNXWqdxBl9wcW5UEuEaEnm6jaKt6m_iFP5siqLFg4EK-nHvOjrYUs-ze-kZpgB85qsj1lxSwwsDmiNT1v8Uolt-TRVz_1O9036jvHaX3vqW776v9cOMex0fGgyXpDV4ROdA_EpO27VNzVtBWwmqsD1SnMcdb_JXWlwoaW1Apx8YsorxQuLs
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 10 Nov 2021 14:36:37 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 42F6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzp9QIQhKu2-wEYs7f-rwEwAQ&v=APEucNXWqdxBl9wcW5UEuEaEnm6jaKt6m_iFP5siqLFg4EK-nHvOjrYUs-ze-kZpgB85qsj1lxSwwsDmiNT1v8Uolt-TRVz_1O9036jvHaX3vqW776v9cOMex0fGgyXpDV4ROdA_EpO27VNzVtBWwmqsD1SnMcdb_JXWlwoaW1Apx8YsorxQuLs
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 10 Nov 2021 14:36:38 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 42F6 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzp9QIQhKu2-wEYs7f-rwEwAQ&v=APEucNXWqdxBl9wcW5UEuEaEnm6jaKt6m_iFP5siqLFg4EK-nHvOjrYUs-ze-kZpgB85qsj1lxSwwsDmiNT1v8Uolt-TRVz_1O9036jvHaX3vqW776v9cOMex0fGgyXpDV4ROdA_EpO27VNzVtBWwmqsD1SnMcdb_JXWlwoaW1Apx8YsorxQuLs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 10 Nov 2021 14:36:38 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
index.html
s0.2mdn.net/sadbundle/16017011513840789031/ Frame FEF2 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c10fa406d38be97b45d3809ea6f5910c5f695caaefde4f8d63bd6c0c7b2a7cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
3305
date
Mon, 08 Nov 2021 11:53:44 GMT
expires
Tue, 08 Nov 2022 11:53:44 GMT
last-modified
Fri, 16 Jul 2021 15:40:02 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
182574
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 622E 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssffKUQzCWVRnEJE8TqQPoMgcdRcLhjZ4RYCEiwfpIQVdkKfBdYuoOov7qmkPI_DCd6JiWAdAtgnjZQZj5lCqX-3MstYWPeYrH4MXawN0dURd9CTYK5_xYV35vCJxnwWLwCvtc-OF7BtcB91v_PZYu_T6kEm5K_YyFTxLYOjFEEOm9WareJtJVL4_PbDlPvBK1a30iHwkYXn7hH3FMJ01PzUBSWazLm5fw4KGXA0i7MHyhq3tPpn8P76Qpuh8pUoquuGpnImxZVZI4RGH94YnFr9qshpdTYWomDWd1kxGraeFVbXHvoY7tk1rpu_czRx6DZ499sbclz2BWM4RX5fvjlHNfynCLSq7DWVYpb6ji9u4w6AqVGdAdL61IFHicGfN7wZ6RR8xE5BVB4kYE7PKSff0fxcgKRd5WjgLDEbbVvmka0GM9eWyKTL96EomxgA-DOWpXpvzhrgw2q5e1u5ZhOLgbi-pKuZCWY6DJTTk4k848ORUo8esQfg1KOE6XOIueWM0SBj_wcmpfLkuGDAMAXlggkQuNgg44CEx14kf9-RNCBETQhIMaUaXHbTyhUZpTdQvHW86Q-uWvSjYtkM1-iAcasBPfyJtJKDsvaSsF1zq3At48M7aQpg028sfmCe5YvZbjwoUgxMxGljP_-JiBS1ZRfU5UHYmqcbP2VIQznmDy9GOAWL7y-WW52vTQh6ygs5Cux4ZN0i1rF8DyxsrG0gWt1f_4g3iqNicu1XqsdwKC_LbgHUxd-frs0Fp7dAwYIOk9pCbIR7EA9vbUa_4MNJPb-xB8qJsxIZsuZgqW3zNct9L0fyuYKsWhSYNtI7lE0qULaQlPw0Y9aA4Hu-H-gU9koraKv4oTr4TFBmBLJWbPqdiEgOvIn7vfGPZnSt01zhTR9DYxszbuYozI22V3GogPSirttPFovxBBNETMa68nZv6Cg_htuZJSjOp0q0nvnnWxHL05Ed4XjIh_ZYPME6UYCWNjIRHzPPThuLcKBvUt4tBewaXn9h56-X7JigQkKQNMQevirH8rhcdfEVeZAfoQtbbOpN_qkc9uBkQ_7AYUpjgMnu3ICf3jVcPq2u1lZbw2El3TmqWFrXejn7HXvFPKQ82eCm4ql-DL1xeHjXP9Z3n6kGhayHJssI1yHAIQrN_4heMWkeG74sl25fPKqXJE7BgH9uoy7VUB-_w&sai=AMfl-YR4m3Qclsj40q4f6Auhz-TON8o9SkGQYxdXYap5z2dJMqETO6N6fHcesKcBlPDVycazaG7HbPv8dc0yDp9lOz93p6AmmDJaeKEGVbMqsSO7s-KlcPW6j8EcbutWMlBAqNPXFh6rxhxtysshtGLIg0PqJ7r-a_c_0jkbF5uZJQaJtsCHBJXsFnZQ4gMJ6wYUO-5aqPjy4EUlHCtwJgK-3KcnKbPzSLxltSi9zFHUG1f_L05_pdei-Z65dyWsLoVuRDYrwj6nqxiDOVN8u5Gxt4sRWxnyKGq5FD8F_0k&sig=Cg0ArKJSzFRWVrYL17EHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=706&cbvp=1&cstd=703&cisv=r20211108.30171&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 10 Nov 2021 14:36:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sd
us-u.openx.net/w/1.0/ Frame DA8C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNUtq33Xrry0igdh_FfHTbFJo1dtaY6LSmwogFwl7THiXBDREYl2OBSKMDX36vPj7xuPXdqVJiD_Ja4ObndXSdFIotRkTY2htMESo6YFBTr-W8mker25UzLaDBGZ83mdbZ0dB1WqncCM48IFzFK07DejUw20UT2MWGHBgsisFST2_7OexGE
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DA8C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNUtq33Xrry0igdh_FfHTbFJo1dtaY6LSmwogFwl7THiXBDREYl2OBSKMDX36vPj7xuPXdqVJiD_Ja4ObndXSdFIotRkTY2htMESo6YFBTr-W8mker25UzLaDBGZ83mdbZ0dB1WqncCM48IFzFK07DejUw20UT2MWGHBgsisFST2_7OexGE
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 10 Nov 2021 14:36:38 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame DA8C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNUtq33Xrry0igdh_FfHTbFJo1dtaY6LSmwogFwl7THiXBDREYl2OBSKMDX36vPj7xuPXdqVJiD_Ja4ObndXSdFIotRkTY2htMESo6YFBTr-W8mker25UzLaDBGZ83mdbZ0dB1WqncCM48IFzFK07DejUw20UT2MWGHBgsisFST2_7OexGE
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 10 Nov 2021 14:36:38 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame DA8C 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGKiF9bABMAE&v=APEucNUtq33Xrry0igdh_FfHTbFJo1dtaY6LSmwogFwl7THiXBDREYl2OBSKMDX36vPj7xuPXdqVJiD_Ja4ObndXSdFIotRkTY2htMESo6YFBTr-W8mker25UzLaDBGZ83mdbZ0dB1WqncCM48IFzFK07DejUw20UT2MWGHBgsisFST2_7OexGE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 10 Nov 2021 14:36:38 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 27FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGNCO9bABMAE&v=APEucNX0HydyfhFhSmTKMBoSqryG5f_d_gtrwnfADV06zhAhnIirZIH_TUfp_nyogctwsGPboHxdF5vGaPy5Ro_haFOMC3E84XbNjpD3MCZBIlomRR1D3Gk3_Nssr_7N3LQ3Wmdl1g42bWe1Qq3Y01hlXHrXDzHyah9-XiOWOMQxyZWz7OvYpgo
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 27FE
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGNCO9bABMAE&v=APEucNX0HydyfhFhSmTKMBoSqryG5f_d_gtrwnfADV06zhAhnIirZIH_TUfp_nyogctwsGPboHxdF5vGaPy5Ro_haFOMC3E84XbNjpD3MCZBIlomRR1D3Gk3_Nssr_7N3LQ3Wmdl1g42bWe1Qq3Y01hlXHrXDzHyah9-XiOWOMQxyZWz7OvYpgo
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 10 Nov 2021 14:36:38 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 27FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGNCO9bABMAE&v=APEucNX0HydyfhFhSmTKMBoSqryG5f_d_gtrwnfADV06zhAhnIirZIH_TUfp_nyogctwsGPboHxdF5vGaPy5Ro_haFOMC3E84XbNjpD3MCZBIlomRR1D3Gk3_Nssr_7N3LQ3Wmdl1g42bWe1Qq3Y01hlXHrXDzHyah9-XiOWOMQxyZWz7OvYpgo
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 10 Nov 2021 14:36:38 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 27FE 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGNCO9bABMAE&v=APEucNX0HydyfhFhSmTKMBoSqryG5f_d_gtrwnfADV06zhAhnIirZIH_TUfp_nyogctwsGPboHxdF5vGaPy5Ro_haFOMC3E84XbNjpD3MCZBIlomRR1D3Gk3_Nssr_7N3LQ3Wmdl1g42bWe1Qq3Y01hlXHrXDzHyah9-XiOWOMQxyZWz7OvYpgo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 10 Nov 2021 14:36:38 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 620F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGNCO9bABMAE&v=APEucNUwdLc4b-d-E6Rgie38JOnLK4QI5rXxk8iWkPy8LVEqSgJjYKMZs_54MXfG93-FwHf1mmyuRnuVcNT-EPs_cVTEzOm7fkOgaThsPVVXdg8VXFhk7C5OH0P1W-xPphGBhmkSSpyz7-5iq6p_NA-oPSKRDSugbCskuqixiPL6FAMYL-EwVvU
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 620F
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGNCO9bABMAE&v=APEucNUwdLc4b-d-E6Rgie38JOnLK4QI5rXxk8iWkPy8LVEqSgJjYKMZs_54MXfG93-FwHf1mmyuRnuVcNT-EPs_cVTEzOm7fkOgaThsPVVXdg8VXFhk7C5OH0P1W-xPphGBhmkSSpyz7-5iq6p_NA-oPSKRDSugbCskuqixiPL6FAMYL-EwVvU
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 10 Nov 2021 14:36:38 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 620F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGNCO9bABMAE&v=APEucNUwdLc4b-d-E6Rgie38JOnLK4QI5rXxk8iWkPy8LVEqSgJjYKMZs_54MXfG93-FwHf1mmyuRnuVcNT-EPs_cVTEzOm7fkOgaThsPVVXdg8VXFhk7C5OH0P1W-xPphGBhmkSSpyz7-5iq6p_NA-oPSKRDSugbCskuqixiPL6FAMYL-EwVvU
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 10 Nov 2021 14:36:38 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 620F 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGNCO9bABMAE&v=APEucNUwdLc4b-d-E6Rgie38JOnLK4QI5rXxk8iWkPy8LVEqSgJjYKMZs_54MXfG93-FwHf1mmyuRnuVcNT-EPs_cVTEzOm7fkOgaThsPVVXdg8VXFhk7C5OH0P1W-xPphGBhmkSSpyz7-5iq6p_NA-oPSKRDSugbCskuqixiPL6FAMYL-EwVvU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 10 Nov 2021 14:36:38 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E5FB 		1 KB
788 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 09 Nov 2021 21:11:57 GMT
expires
Wed, 10 Nov 2021 21:11:57 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
62681
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 53C6 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fdea2f97a4aa72da4a16e52537fe3b64b98336122dda0ca20dcf1ea29b5c79cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame BB0F 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b0a1683702d854c16cffb91d10f500cf10018eacf0c2b4c939293dea961e1f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
389
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9506
x-xss-protection
0
server
cafe
etag
11173536317444432557
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:30:09 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BB0F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 00:41:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50121
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 10 Nov 2022 00:41:17 GMT
bsevent.gif
tps20517.doubleverify.com/ Frame 612D 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20517.doubleverify.com/bsevent.gif?impid=0e39ee93cc574c97be0f4c0a3840746c&vfdur=240&cbust=1636554997687297
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
11/9/2021 2:36:38 PM
log
protected-by.clarium.io/ Frame 612D 		0
0
log
protected-by.clarium.io/ Frame 612D 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://protected-by.clarium.io/log
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.133.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-133-197.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 10 Nov 2021 14:36:38 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Access-Control-Max-Age
Access-Control-Allow-Methods
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
20
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0B61 		1 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 09 Nov 2021 21:11:57 GMT
expires
Wed, 10 Nov 2021 21:11:57 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
62681
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 612D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6a6d1e00d7f56e6f2e210c99a837a40ae08901e974d66bec04302dea300e1e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
i.js
cm.mgid.com/ 		2 KB
1006 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1636554997777677740487
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/a/n/ans-wer.com.1153326.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9369c300a8445a083365f53aff5c1388cdc09ff4aeb900ea812ca607ea08949f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ac003a2accd0621-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
bsevent.gif
tps20511.doubleverify.com/ Frame 0B4F 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20511.doubleverify.com/bsevent.gif?impid=514ac5d8c79a4c21b179b664412a3173&vfdur=98&cbust=1636554997778145
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
11/9/2021 2:36:38 PM
log
protected-by.clarium.io/ Frame 0B4F 		0
0
log
protected-by.clarium.io/ Frame 0B4F 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://protected-by.clarium.io/log
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.133.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-133-197.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 10 Nov 2021 14:36:38 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Access-Control-Max-Age
Access-Control-Allow-Methods
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
20
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 057A 		1 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 09 Nov 2021 21:11:57 GMT
expires
Wed, 10 Nov 2021 21:11:57 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
62681
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 0B4F 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a24237f3e590b51da40613b2d233fc7e54da673e23ccd2c556c2279fa538227

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
bsevent.gif
tps20524.doubleverify.com/ Frame FA06 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20524.doubleverify.com/bsevent.gif?impid=ae199ea7f467434788ed41e53c162f6e&vfdur=222&cbust=1636554997834991
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
11/9/2021 2:36:38 PM
log
protected-by.clarium.io/ Frame FA06 		0
0
log
protected-by.clarium.io/ Frame FA06 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://protected-by.clarium.io/log
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.133.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-133-197.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 10 Nov 2021 14:36:38 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Access-Control-Max-Age
Access-Control-Allow-Methods
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
20
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2CBA 		1 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 09 Nov 2021 21:11:57 GMT
expires
Wed, 10 Nov 2021 21:11:57 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
62681
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame FA06 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57f2615e2f48bb1cb71b9a9a9c407e6d7d90e4f40944c274ebe74fffa3f11fb9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
dvbs_src_internal99.js
cdn.doubleverify.com/ Frame B81B 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:43 GMT
Server
Microsoft-IIS/10.0
ETag
"802192821a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19248
dvbs_src_internal99.js
cdn.doubleverify.com/ Frame 428B 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:43 GMT
Server
Microsoft-IIS/10.0
ETag
"802192821a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19248
bsevent.gif
tps20517.doubleverify.com/ Frame 612D 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20517.doubleverify.com/bsevent.gif?impid=0e39ee93cc574c97be0f4c0a3840746c&pltfrm=Linux%20x86_64&dvp_or1=1&cbust=1636554997906165
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
11/9/2021 2:36:38 PM
bsevent.gif
tps20517.doubleverify.com/ Frame 612D 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20517.doubleverify.com/bsevent.gif?impid=0e39ee93cc574c97be0f4c0a3840746c&dvp_or2=1&cbust=1636554997907474
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
11/9/2021 2:36:38 PM
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C004 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 10 Nov 2021 00:41:17 GMT
expires
Thu, 10 Nov 2022 00:41:17 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
50121
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bsevent.gif
tps20524.doubleverify.com/ Frame FA06 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20524.doubleverify.com/bsevent.gif?impid=ae199ea7f467434788ed41e53c162f6e&pltfrm=Linux%20x86_64&dvp_or1=1&cbust=1636554997921414
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
11/9/2021 2:36:38 PM
bsevent.gif
tps20524.doubleverify.com/ Frame FA06 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20524.doubleverify.com/bsevent.gif?impid=ae199ea7f467434788ed41e53c162f6e&dvp_or2=1&cbust=1636554997921476
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
11/9/2021 2:36:38 PM
dvbs_src_internal99.js
cdn.doubleverify.com/ Frame 93C6 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:43 GMT
Server
Microsoft-IIS/10.0
ETag
"802192821a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19248
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame C263 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Origin
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:16:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1203
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Nov 2021 14:16:35 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/ Frame C263 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/omrhp.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:32:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:32:41 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame C263 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b0a1683702d854c16cffb91d10f500cf10018eacf0c2b4c939293dea961e1f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
389
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9506
x-xss-protection
0
server
cafe
etag
11173536317444432557
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:30:09 GMT
sd
us-u.openx.net/w/1.0/ Frame 55CA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDiuNr0Ahiov_u4ATAB&v=APEucNW7SOO67x2-dbLGC9gIay8qdNiaDF3wopjkL1bYwWXLfwlCkqvXCN2Xv1EDcyfae3pgXuF8Y_WZfJ-WTzTCcFOM-hpwfcqrkLSbhCryrkg7oqJo7tRAnEDKVz_jHYXJCzi3sU7Eh9xRocbjd8epTVVZIukc_nEU_FnZFJLEvcJX_cb1b60
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 55CA
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDiuNr0Ahiov_u4ATAB&v=APEucNW7SOO67x2-dbLGC9gIay8qdNiaDF3wopjkL1bYwWXLfwlCkqvXCN2Xv1EDcyfae3pgXuF8Y_WZfJ-WTzTCcFOM-hpwfcqrkLSbhCryrkg7oqJo7tRAnEDKVz_jHYXJCzi3sU7Eh9xRocbjd8epTVVZIukc_nEU_FnZFJLEvcJX_cb1b60
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 10 Nov 2021 14:36:38 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 55CA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDiuNr0Ahiov_u4ATAB&v=APEucNW7SOO67x2-dbLGC9gIay8qdNiaDF3wopjkL1bYwWXLfwlCkqvXCN2Xv1EDcyfae3pgXuF8Y_WZfJ-WTzTCcFOM-hpwfcqrkLSbhCryrkg7oqJo7tRAnEDKVz_jHYXJCzi3sU7Eh9xRocbjd8epTVVZIukc_nEU_FnZFJLEvcJX_cb1b60
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 10 Nov 2021 14:36:38 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 55CA 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDiuNr0Ahiov_u4ATAB&v=APEucNW7SOO67x2-dbLGC9gIay8qdNiaDF3wopjkL1bYwWXLfwlCkqvXCN2Xv1EDcyfae3pgXuF8Y_WZfJ-WTzTCcFOM-hpwfcqrkLSbhCryrkg7oqJo7tRAnEDKVz_jHYXJCzi3sU7Eh9xRocbjd8epTVVZIukc_nEU_FnZFJLEvcJX_cb1b60
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 10 Nov 2021 14:36:38 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
bsevent.gif
tps20511.doubleverify.com/ Frame 0B4F 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20511.doubleverify.com/bsevent.gif?impid=514ac5d8c79a4c21b179b664412a3173&pltfrm=Linux%20x86_64&dvp_or1=1&cbust=1636554997988662
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
11/9/2021 2:36:38 PM
bsevent.gif
tps20511.doubleverify.com/ Frame 0B4F 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20511.doubleverify.com/bsevent.gif?impid=514ac5d8c79a4c21b179b664412a3173&dvp_or2=1&cbust=1636554997988505
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
11/9/2021 2:36:38 PM
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ans-wer.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ans-wer.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		57 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2712710818169298&correlator=3158100700352405&output=ldjh&impl=fifs&eid=31063683%2C44754276&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=20842576%3A21716575069%2CGS86FM%2CGS86FM-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C300x250%7C320x50&ris=3&rcs=1&prev_scp=pos%3D1%26monu%3D728x90-300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.17%26big4%3Dfalse%26confiant_refresh%3Dtrue&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D72511adca22d020e%3AT%3D1636554992%3AS%3DALNI_MZnx8v04FlhG3gNOyaqoVNu7SUcpg&bc=31&abxe=1&lmt=1636554998&dt=1636554998000&dlt=1636554991798&idt=1805&frm=20&biw=1600&bih=1200&oid=2&adxs=620&adys=4789&adks=687570588&ucis=3&ifi=16&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&vis=1&dmc=8&scr_x=0&scr_y=0&psz=730x250&msz=300x-1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=true&fws=4&ohw=1600&btvi=8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
76f57d70398daf7ed6113e205b70d6d9a6309c22246029273baee94766c7aa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28551
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3012
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiZkL-5ATAB&v=APEucNVc7leEj5lg9_6ELocMQhhrD1ZXKavTm04_R6PWKhlNeriKarFHim47N0O7O81DAzVv8agVGQBt_3M6EBoWnneincQ6MhvuTozElS6IiyHlusWkXZw1c4y5k73I-BDBPiXqHnpJrLMSDb3iafkwJUAMyusfazuXpVJF4qe0GiMlXKP7NzY
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3012
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiZkL-5ATAB&v=APEucNVc7leEj5lg9_6ELocMQhhrD1ZXKavTm04_R6PWKhlNeriKarFHim47N0O7O81DAzVv8agVGQBt_3M6EBoWnneincQ6MhvuTozElS6IiyHlusWkXZw1c4y5k73I-BDBPiXqHnpJrLMSDb3iafkwJUAMyusfazuXpVJF4qe0GiMlXKP7NzY
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 10 Nov 2021 14:36:38 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 3012
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiZkL-5ATAB&v=APEucNVc7leEj5lg9_6ELocMQhhrD1ZXKavTm04_R6PWKhlNeriKarFHim47N0O7O81DAzVv8agVGQBt_3M6EBoWnneincQ6MhvuTozElS6IiyHlusWkXZw1c4y5k73I-BDBPiXqHnpJrLMSDb3iafkwJUAMyusfazuXpVJF4qe0GiMlXKP7NzY
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 10 Nov 2021 14:36:38 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEIHudN8OX9Gg1sRJtCqOOBw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 3012 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiZkL-5ATAB&v=APEucNVc7leEj5lg9_6ELocMQhhrD1ZXKavTm04_R6PWKhlNeriKarFHim47N0O7O81DAzVv8agVGQBt_3M6EBoWnneincQ6MhvuTozElS6IiyHlusWkXZw1c4y5k73I-BDBPiXqHnpJrLMSDb3iafkwJUAMyusfazuXpVJF4qe0GiMlXKP7NzY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 10 Nov 2021 14:36:38 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2712710818169298&correlator=2889253567422330&output=ldjh&impl=fifs&eid=31063683%2C44754276&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=20842576%3A21716575069%2CGS86FM%2CGS86FM-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C300x250%7C320x50&ris=3&rcs=1&prev_scp=pos%3D1%26monu%3D728x90-300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.17%26big4%3Dfalse%26confiant_refresh%3Dtrue&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D72511adca22d020e%3AT%3D1636554992%3AS%3DALNI_MZnx8v04FlhG3gNOyaqoVNu7SUcpg&bc=31&abxe=1&lmt=1636554998&dt=1636554998036&dlt=1636554991798&idt=1805&frm=20&biw=1600&bih=1200&oid=2&adxs=620&adys=6380&adks=687570586&ucis=5&ifi=17&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&vis=1&dmc=8&scr_x=0&scr_y=0&psz=730x250&msz=300x-1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=true&fws=4&ohw=1600&btvi=9&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
c4ccbb44af5e8b90b41cc8efe0dd7628e63802e52061e116f1c9af6157898d65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18821
x-xss-protection
0
google-lineitem-id
5528971813
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138330242422
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ce4839bf-41af-4856-8109-093a8cf57061
player.ex.co/player/ 		680 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/ce4839bf-41af-4856-8109-093a8cf57061
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
149967ec5450cd9404726c64ed8f7ff32a707cdbbd4218e18385c8155f4c0786

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:38 GMT
content-encoding
gzip
age
5846
x-cache
HIT, HIT
access-control-max-age
600
content-length
204878
x-served-by
cache-dca17756-DCA, cache-fra19157-FRA
access-control-allow-origin
*
server
nginx
x-timer
S1636554998.475254,VS0,VE2
etag
W/"aa11d-5tPp9BYU4TOqJ2BVLM4IpbbTHpY"
vary
Accept-Encoding, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
1, 1
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2712710818169298&correlator=2040729631839547&output=ldjh&impl=fifs&eid=31063683%2C44754276&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=20842576%3A21716575069%2CGS86FM%2CGS86FM-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C300x250%7C320x50&ris=3&rcs=1&prev_scp=pos%3D1%26monu%3D728x90-300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.17%26big4%3Dfalse%26confiant_refresh%3Dtrue&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D72511adca22d020e%3AT%3D1636554992%3AS%3DALNI_MZnx8v04FlhG3gNOyaqoVNu7SUcpg&bc=31&abxe=1&lmt=1636554998&dt=1636554998067&dlt=1636554991798&idt=1805&frm=20&biw=1600&bih=1200&oid=2&adxs=620&adys=5960&adks=687570587&ucis=4&ifi=18&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&vis=1&dmc=8&scr_x=0&scr_y=0&psz=730x250&msz=300x-1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=true&fws=4&ohw=1600&btvi=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
a1f614aa2d2ffd8be4073a1e055bea7236cfc9f65c6d3730c3d588f1b6453eab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18765
x-xss-protection
0
google-lineitem-id
5528971813
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138330242422
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9187 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 10 Nov 2021 00:41:17 GMT
expires
Thu, 10 Nov 2022 00:41:17 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
50121
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
liveMatching.php
live.primis.tech/live/ Frame C34F 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveMatching.php
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D31305F31367D7B7331363539303336347D7B4335377D7B535957357A4C58646C6369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593431307D7B66317D7B4C31303238377DFEFE&userIpAddr=168.119.25.197&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=618bd8f0b4cd9&debugInfo=16590364_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16590364&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed26f0ynupihso&secondaryContent=&x=600&y=410&pubUrl=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=10287&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:37 GMT
content-encoding
gzip
server
nginx
age
0
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 622E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 00:41:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50121
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 10 Nov 2022 00:41:17 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 03AB 		1 KB
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 09 Nov 2021 21:11:57 GMT
expires
Wed, 10 Nov 2021 21:11:57 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
62681
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 622E 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
957250897b79b9f1896ca312612b70d1856605e209710d5dece73001cfb3acc1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4820 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 10 Nov 2021 00:41:17 GMT
expires
Thu, 10 Nov 2022 00:41:17 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
50121
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A93E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 10 Nov 2021 00:41:17 GMT
expires
Thu, 10 Nov 2022 00:41:17 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
50121
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 4810 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVrf389iLYf34KISFjuwPkum1-AK4gYDzZdHht96tDt7z06blKRABINjV2CtglbqUgqAHoAHwpveuAcgBA6kCfE3mLa-ytj7gAgCoAwGqBIgCT9BpNcKa7xzfQbdF9rvJBNRS8ysQNeXBwQEJuoJeaNMj0ul4C3ZwFygC7Sibv1thRQDK71uyyRfGFUosw8dHAxeF8IS2Kaa3m3XuVrkAzH4L6_kS63deSZXFxiLQG9oeVp1DpIt1IP2JQBaJXedTtH6D_VZmiFTFVPEbqsMH1WPfx0tDgKXdGiNoDI4KJa2GPIQdqaHYqyyaKyRQju9n6xSbB8pgX4rl8BtfvPSM1fzYVHt6zCq4STDToin0XfXjiTmBYsxd8ikfSprPsiJeYGtLQTBZEcMT6Do0AmRyL7uljDOaZOF0XpvbGRjwCg6XMQ_gZZ2Qw34-1ayMvyP6sj0qBbGshzYWwATUpcWY8gPgBAGgBgOAB_jYiNECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQgMse0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi01OTE2NTUyODQ3NDUyNzQzgAoDyAsB2BMD0BUBgBcBshceChwIABIUcHViLTM5NDQ5NTQ4NjIzMTYyODMYmNsQ&sigh=dsnn4HacvXw&vt=1&uach_m=[]
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 4810 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoxM-oLEIhCwzBdSElNASzgRp777JKv6K57euN4DphJuplWO5ygymcT2inK9-GqaQODV41aFWY8r0r_dV-H0Z6X2BBrTPPhvTGNxAozTgiTSYOUzLzpw&sai=AMfl-YQ5KNoJMXVbAU4XWOtkvPd_IeRRTrN3S5YYFYLMNc8fZOXRYy2pELDrqJCT-7RfCpwxpKfV8ceN92GabPOA7SMUk5A3cFxriHUGiETXW05HMh6twc5HC6eYvBg&sig=Cg0ArKJSzI_8qL3kVpZSEAE&cid=CAASF-RoYJNLrfdtyKxTf0gSyagjcE6HJwjO&id=ampim&o=436,83&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1285&mtos=0,0,1285,1285,1285&tos=0,0,1285,0,0&tfs=719&tls=2004&g=100&h=100&tt=2004&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=3189406419
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
CreativeApiGoogleAdManager.js
s0.2mdn.net/sadbundle/16017011513840789031/assets/ Frame FEF2 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16017011513840789031/assets/CreativeApiGoogleAdManager.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99042f1a63b0718bb42b937b1b65a3dcbb065200ec8ec352f80452727111d9b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 19:34:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
500509
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2410
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 15:40:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Nov 2022 19:34:49 GMT
tweenmax_2.1.2_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame FEF2 		113 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39910
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 14:29:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Nov 2021 14:36:38 GMT
bg1.jpg
s0.2mdn.net/sadbundle/16017011513840789031/assets/ Frame FEF2 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16017011513840789031/assets/bg1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4c70aed8085d619d9af7f6db1fda606952c0d91f0ef8ef7b696d01046622088
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 07:11:35 GMT
x-content-type-options
nosniff
age
545104
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92937
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 15:40:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Nov 2022 07:11:35 GMT
txt_bg.png
s0.2mdn.net/sadbundle/16017011513840789031/assets/ Frame FEF2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16017011513840789031/assets/txt_bg.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf6a99b6d467cc7c212e3a51c31f0680b687cae2a4f779c445c6a4fa08415516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 23:04:52 GMT
x-content-type-options
nosniff
age
142307
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3391
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 15:40:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 23:04:52 GMT
txt1_1.png
s0.2mdn.net/sadbundle/16017011513840789031/assets/ Frame FEF2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16017011513840789031/assets/txt1_1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9320acf45091cdb30afa1d56caf2563462ef58283c08776d50ef13f4c61d6674
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 02:58:56 GMT
x-content-type-options
nosniff
age
473863
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3759
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 15:40:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 05 Nov 2022 02:58:56 GMT
txt1_2.png
s0.2mdn.net/sadbundle/16017011513840789031/assets/ Frame FEF2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16017011513840789031/assets/txt1_2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0df1fa3a8fe00457aae5ab8b71d9820d9884fece5ce191c3c013dda0c97b99e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 12:10:38 GMT
x-content-type-options
nosniff
age
267961
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3824
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 15:40:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 07 Nov 2022 12:10:38 GMT
logo.png
s0.2mdn.net/sadbundle/16017011513840789031/assets/ Frame FEF2 		413 B
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16017011513840789031/assets/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a479f83cca1846bad3c354e5e950e88aab8673168e4d3060a0aa4e5d8f9e0903
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 14:55:11 GMT
x-content-type-options
nosniff
age
517288
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
413
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 15:40:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Nov 2022 14:55:11 GMT
bg2.png
s0.2mdn.net/sadbundle/16017011513840789031/assets/ Frame FEF2 		400 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16017011513840789031/assets/bg2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
426112c0482818b20c059d33cc8761e39794c385238fc6f2fb2b9a71f9df7a93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 11:17:21 GMT
x-content-type-options
nosniff
age
271158
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
400
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 15:40:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 07 Nov 2022 11:17:21 GMT
txt2.png
s0.2mdn.net/sadbundle/16017011513840789031/assets/ Frame FEF2 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16017011513840789031/assets/txt2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0d354d45b80213322b59985c9beff4f79692ee4d886ba33db26fa750b6bd20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 13:25:13 GMT
x-content-type-options
nosniff
age
522686
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5433
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 15:40:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Nov 2022 13:25:13 GMT
logo2.png
s0.2mdn.net/sadbundle/16017011513840789031/assets/ Frame FEF2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16017011513840789031/assets/logo2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7295b4a401c5f29a31b6b7647ac338184b4a70bf11e598e2eb22b2521d22644
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 18:11:05 GMT
x-content-type-options
nosniff
age
159934
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6753
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 15:40:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 18:11:05 GMT
btn_n.png
s0.2mdn.net/sadbundle/16017011513840789031/assets/ Frame FEF2 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16017011513840789031/assets/btn_n.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0631e7aa9f75e06d31f440846182256647e04bfb08bdd26271d57a21d0e604a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 23:54:06 GMT
x-content-type-options
nosniff
age
571353
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2522
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 15:40:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Nov 2022 23:54:06 GMT
btn_h.png
s0.2mdn.net/sadbundle/16017011513840789031/assets/ Frame FEF2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16017011513840789031/assets/btn_h.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16a27428b6dfaf72e49948fa74b442718ffaed498b7c88f647c8d7a3034ed459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 01:47:41 GMT
x-content-type-options
nosniff
age
478138
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2922
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 15:40:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 05 Nov 2022 01:47:41 GMT
i-noref.js
cm.mgid.com/ Frame 11C6 		19 B
574 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1636554998225998016319
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/a/n/ans-wer.com.1153326.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ac003a56b7105f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
bst2tv3.html
cdn3.doubleverify.com/ Frame 0042 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=84309
Date
Wed, 10 Nov 2021 14:36:38 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/ Frame B81B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_720990531462&jsTagObjCallback=__tagObject_callback_720990531462&num=6&ctx=3758893&cmp=26194978&plc=309762282&sid=5775970&advid=&adsrv=&unit=300x250&isdvvid=&uid=720990531462&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=3.10&dvpx_strhd=3.10&brid=3&brver=95&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&aUrlD=-1&m1=13&noc=4&fcifrms=31&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTau2%3FD%5CH6C%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau2%3FD%5CH6C%5D4%40%3ETar9EEADTbpTauTauaagd4d__%60ecgh%60272hf5%604f2__3776g_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau2%3FD%5CH6C%5D4%40%3ETau2C2K%40F%5C32%3C6C%5C4%3A%3F56C6%3D%3D2%5CC%40%3D6%5C2%3F5%5C%3A%3FDE28C2%3E&dvp_exetime=9.10&callbackName=__verify_callback_720990531462
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
7a563e6d2420cba9d24dba76ce3c0a6e32465c0773102ccd799b1ee656ee73d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Date
Wed, 10 Nov 2021 14:36:38 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
11/9/2021 2:36:38 PM
dv-match6.js
cdn.doubleverify.com/ Frame 3A7D 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:38 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=19321
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
bst2tv3.html
cdn3.doubleverify.com/ Frame 9D3D 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=84309
Date
Wed, 10 Nov 2021 14:36:38 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/ Frame 428B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_256780160717&jsTagObjCallback=__tagObject_callback_256780160717&num=6&ctx=3758893&cmp=26194978&plc=309762291&sid=5775970&advid=&adsrv=&unit=728x90&isdvvid=&uid=256780160717&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=2.40&dvpx_strhd=2.40&brid=3&brver=95&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&aUrlD=-1&m1=13&noc=4&fcifrms=31&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTau2%3FD%5CH6C%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau2%3FD%5CH6C%5D4%40%3ETar9EEADTbpTauTauaagd4d__%60ecgh%60272hf5%604f2__3776g_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau2%3FD%5CH6C%5D4%40%3ETau2C2K%40F%5C32%3C6C%5C4%3A%3F56C6%3D%3D2%5CC%40%3D6%5C2%3F5%5C%3A%3FDE28C2%3E&dvp_exetime=7.40&callbackName=__verify_callback_256780160717
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
b4d65c3acdd3935e5d2707843834698a6f24a08b07bd926347c0b166234eb3f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Date
Wed, 10 Nov 2021 14:36:38 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
11/9/2021 2:36:38 PM
dv-match6.js
cdn.doubleverify.com/ Frame 9C55 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:38 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=19321
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
activeview
pagead2.googlesyndication.com/pcs/ Frame 612D 		0
0
container.html
2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9CF2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 10 Nov 2021 14:36:35 GMT
expires
Thu, 10 Nov 2022 14:36:35 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mmt.gif
imps.monu.delivery/ 		37 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=a.e&u=mmt-330e9471-5e1b-4650-825c-234a6edc2c08.2&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22hard%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.17%22%2C%22refreshCount%22%3A0%2C%22ipin%22%3A%22GS86FM-DDI.A%22%2C%22isBackfill%22%3Atrue%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A28192296%2C%22sourceAgnosticLineItemId%22%3A4761908843%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2Farazou-baker-cinderella-role-and-instagram%22%2C%22referer%22%3A%22%22%7D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1683
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
bst2tv3.html
cdn3.doubleverify.com/ Frame EB04 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=84309
Date
Wed, 10 Nov 2021 14:36:38 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/ Frame 93C6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_484634677184&jsTagObjCallback=__tagObject_callback_484634677184&num=6&ctx=3758893&cmp=26194978&plc=309762291&sid=5775970&advid=&adsrv=&unit=728x90&isdvvid=&uid=484634677184&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=2.40&dvpx_strhd=2.40&brid=3&brver=95&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&aUrlD=-1&m1=13&noc=4&fcifrms=31&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTau2%3FD%5CH6C%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau2%3FD%5CH6C%5D4%40%3ETar9EEADTbpTauTauaagd4d__%60ecgh%60272hf5%604f2__3776g_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau2%3FD%5CH6C%5D4%40%3ETau2C2K%40F%5C32%3C6C%5C4%3A%3F56C6%3D%3D2%5CC%40%3D6%5C2%3F5%5C%3A%3FDE28C2%3E&dvp_exetime=7.30&callbackName=__verify_callback_484634677184
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
a48c17ad626639d0fb30aab8927d0f608a5c3697f3a6c81ea5ceae8bf9c8f67d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Date
Wed, 10 Nov 2021 14:36:38 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
11/9/2021 2:36:38 PM
dv-match6.js
cdn.doubleverify.com/ Frame 0EB2 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:38 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=19321
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
google
match.adsrvr.org/track/cmf/ Frame 53F6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDqEB2vYu3pPXQF1BUQZUKo&google_cver=1&google_push=AYg5qPLI0evJq6rGDPFcw0-PgOWeQ6-UnTAIvS0WZke73cvgta_OO3siVnx5CxKeLz4jAANHB31neeeyPCMbnpczd-GY0awaP70b
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 53F6
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBInnOxKFzIToguie6r9iR8&google_cver=1&google_push=AYg5qPIah5zedyv4loSpOZwAnW18o5sXMKMF5AcmYpBNp67826TeVX87hsRcNowFShYxRQK767VHm0-Cm7wimD...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPIah5zedyv4loSpOZwAnW18o5sXMKMF5AcmYpBNp67826TeVX87hsRcNowFShYxRQK767VHm0-Cm7wimDnED9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPIah5zedyv4loSpOZwAnW18o5sXMKMF5AcmYpBNp67826TeVX87hsRcNowFShYxRQK767VHm0-Cm7wimDnED9AFhj2oviFr
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPIah5zedyv4loSpOZwAnW18o5sXMKMF5AcmYpBNp67826TeVX87hsRcNowFShYxRQK767VHm0-Cm7wimDnED9AFhj2oviFr
Date
Wed, 10 Nov 2021 14:36:38 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 53F6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFP88w5nmRhY0MXZNtnACQg&google_cver=1&google_push=AYg5qPJhWngazhh7LpMI8rq0NomCtPCAM3Mk2Vx0BMc4D2pyBK09y9Uoq0DgnDM1GZmUmG6-wkjmHjhWXO7_uW6NFEWt...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJhWngazhh7LpMI8rq0NomCtPCAM3Mk2Vx0BMc4D2pyBK09y9Uoq0DgnDM1GZmUmG6-wkjmHjhWXO7_uW6NFEWtSWmF0h7U&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJhWngazhh7LpMI8rq0NomCtPCAM3Mk2Vx0BMc4D2pyBK09y9Uoq0DgnDM1GZmUmG6-wkjmHjhWXO7_uW6NFEWtSWmF0h7U&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJhWngazhh7LpMI8rq0NomCtPCAM3Mk2Vx0BMc4D2pyBK09y9Uoq0DgnDM1GZmUmG6-wkjmHjhWXO7_uW6NFEWtSWmF0h7U&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Date
Wed, 10 Nov 2021 14:36:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 53F6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J6TLKClafxGdKhEYh5PQXqscY_r4tTalIoetTMk6O7tQ
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
rid
match.adsrvr.org/track/ 		108 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=2jqw284&fmt=json
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
3b5b65ff05003469140538ee4547bb8a0ddf1cebacf50c298c48832a4c70def7

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:38 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ans-wer.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 10 Dec 2021 14:36:38 GMT
envelope
api.rlcdn.com/api/identity/ 		44 B
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1458
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Nov 2021 14:36:38 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
/
ssc-cms.33across.com/ps/ Frame 27DD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cp_RFGzV0r64onaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

x-33x-status
2000208
server
33XP002
date
Wed, 10 Nov 2021 14:36:38 GMT
index.html
cdn.districtm.io/ids/ Frame 0A8D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

date
Wed, 10 Nov 2021 14:36:38 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6ac003a64dbf4e97-FRA
ixmatch.html
js-sec.indexww.com/um/ Frame 7E44 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Wed, 10 Nov 2021 14:36:38 GMT
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame AA12 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

content-type
image/png
date
Wed, 10 Nov 2021 14:36:38 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
cdn.districtm.io/ids/ Frame 83A1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

date
Wed, 10 Nov 2021 14:36:38 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6ac003a64dbd4e97-FRA
/
ssc-cms.33across.com/ps/ Frame 8575 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cp_RFGzV0r64onaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

x-33x-status
2000208
server
33XP003
date
Wed, 10 Nov 2021 14:36:38 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 7700 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Wed, 10 Nov 2021 14:36:38 GMT
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B839 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=45997
expires
Thu, 11 Nov 2021 03:23:15 GMT
date
Wed, 10 Nov 2021 14:36:38 GMT
vary
Accept-Encoding
sync_iframe
sync.bfmio.com/ Frame 4369 		217 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1636554995632
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.81.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-81-8.compute-1.amazonaws.com
Software
/
Resource Hash
f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Wed, 10 Nov 2021 14:36:38 GMT
Content-Length
217
Connection
keep-alive
index.html
cdn.districtm.io/ids/ Frame 8E55 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

date
Wed, 10 Nov 2021 14:36:38 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6ac003a64dbb4e97-FRA
checksync.php
contextual.media.net/ Frame B16C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
451c1f79e9a710c3b6c563db6465fdf2b0e4111bea3c1fc491922cbfb5056e83
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Fri, 12 Nov 2021 14:36:38 GMT
date
Wed, 10 Nov 2021 14:36:38 GMT
content-length
8171
pd
eu-u.openx.net/w/1.0/ Frame A22B 		1006 B
854 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
730faa3bb8655d6f579e36335f0527e63af40c2ccf69ba745fb5d6647039f500

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 10 Nov 2021 14:36:38 GMT
content-type
text/html
content-length
543
content-encoding
gzip
via
1.1 google
alt-svc
clear
checksync.php
contextual.media.net/ Frame 3288 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
451c1f79e9a710c3b6c563db6465fdf2b0e4111bea3c1fc491922cbfb5056e83
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Fri, 12 Nov 2021 14:36:38 GMT
date
Wed, 10 Nov 2021 14:36:38 GMT
content-length
8171
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6ACE 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=45997
expires
Thu, 11 Nov 2021 03:23:15 GMT
date
Wed, 10 Nov 2021 14:36:38 GMT
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 4386 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
451c1f79e9a710c3b6c563db6465fdf2b0e4111bea3c1fc491922cbfb5056e83
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Fri, 12 Nov 2021 14:36:38 GMT
date
Wed, 10 Nov 2021 14:36:38 GMT
content-length
8171
/
ssc-cms.33across.com/ps/ Frame 2CDA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cp_RFGzV0r64onaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

x-33x-status
2000208
server
33XP004
date
Wed, 10 Nov 2021 14:36:38 GMT
usersync
rtb.gumgum.com/ Frame 0D33
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=1&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=1&gdpr_consent=
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

date
Wed, 10 Nov 2021 14:36:38 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Wed, 10 Nov 2021 14:36:38 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 4067 88cc6bf master cdg-pixel-x24 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=1&gdpr_consent=
Expires
Wed, 10 Nov 2021 14:36:37 GMT
checksync.php
contextual.media.net/ Frame 1728 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
451c1f79e9a710c3b6c563db6465fdf2b0e4111bea3c1fc491922cbfb5056e83
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Fri, 12 Nov 2021 14:36:38 GMT
date
Wed, 10 Nov 2021 14:36:38 GMT
content-length
8171
beacon
ap.lijit.com/ Frame CFAD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13208641
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

Server
nginx
Date
Wed, 10 Nov 2021 14:36:38 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap6ams1
beacon
ap.lijit.com/ Frame 5C50 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13208641
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

Server
nginx
Date
Wed, 10 Nov 2021 14:36:38 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap6ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3C51 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=45997
expires
Thu, 11 Nov 2021 03:23:15 GMT
date
Wed, 10 Nov 2021 14:36:38 GMT
vary
Accept-Encoding
sync_iframe
sync.bfmio.com/ Frame AB5D 		217 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1636554995486
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.81.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-81-8.compute-1.amazonaws.com
Software
/
Resource Hash
f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Wed, 10 Nov 2021 14:36:38 GMT
Content-Length
217
Connection
keep-alive
/
ssc-cms.33across.com/ps/ Frame 7EB1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cp_RFGzV0r64onaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

x-33x-status
2000208
server
33XP002
date
Wed, 10 Nov 2021 14:36:38 GMT
pd
eu-u.openx.net/w/1.0/ Frame F28B 		1006 B
851 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
730faa3bb8655d6f579e36335f0527e63af40c2ccf69ba745fb5d6647039f500

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

vary
Accept, Accept-Encoding
timing-allow-origin
*
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 10 Nov 2021 14:36:38 GMT
content-type
text/html
content-length
543
content-encoding
gzip
via
1.1 google
alt-svc
clear
sync_iframe
sync.bfmio.com/ Frame 8042 		217 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1636554995637
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.81.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-81-8.compute-1.amazonaws.com
Software
/
Resource Hash
f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Wed, 10 Nov 2021 14:36:38 GMT
Content-Length
217
Connection
keep-alive
beacon
ap.lijit.com/ Frame 14DE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13208641
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

Server
nginx
Date
Wed, 10 Nov 2021 14:36:38 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap6ams1
pd
eu-u.openx.net/w/1.0/ Frame 2FCE 		1006 B
850 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
730faa3bb8655d6f579e36335f0527e63af40c2ccf69ba745fb5d6647039f500

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 10 Nov 2021 14:36:38 GMT
content-type
text/html
content-length
543
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame AE12 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Wed, 10 Nov 2021 14:36:38 GMT
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A00D 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=45997
expires
Thu, 11 Nov 2021 03:23:15 GMT
date
Wed, 10 Nov 2021 14:36:38 GMT
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2882 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=45997
expires
Thu, 11 Nov 2021 03:23:15 GMT
date
Wed, 10 Nov 2021 14:36:38 GMT
vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame E0DE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

date
Wed, 10 Nov 2021 14:36:38 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6ac003a67e334e97-FRA
beacon
ap.lijit.com/ Frame 9490 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13208641
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

Server
nginx
Date
Wed, 10 Nov 2021 14:36:38 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap6ams1
beacon
ap.lijit.com/ Frame A5BE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13208641
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

Server
nginx
Date
Wed, 10 Nov 2021 14:36:38 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap6ams1
index.html
cdn.districtm.io/ids/ Frame C520 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

date
Wed, 10 Nov 2021 14:36:38 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6ac003a68e404e97-FRA
ixmatch.html
js-sec.indexww.com/um/ Frame E665 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Wed, 10 Nov 2021 14:36:38 GMT
Connection
keep-alive
/
ssc-cms.33across.com/ps/ Frame 8A70 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cp_RFGzV0r64onaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

x-33x-status
2000208
server
33XP005
date
Wed, 10 Nov 2021 14:36:38 GMT
sync_iframe
sync.bfmio.com/ Frame 4503 		217 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1636554995757
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.81.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-81-8.compute-1.amazonaws.com
Software
/
Resource Hash
f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Wed, 10 Nov 2021 14:36:38 GMT
Content-Length
217
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame 280C 		815 B
808 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
7fc32ff80eb80e8a7c9e7ac867dc6b73b480dcf0aff252b001e91a3dd645d876

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 10 Nov 2021 14:36:38 GMT
content-type
text/html
content-length
480
content-encoding
gzip
via
1.1 google
alt-svc
clear
generic
match.adsrvr.org/track/cmf/ Frame A50B 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

date
Wed, 10 Nov 2021 14:36:38 GMT
content-type
image/gif
content-length
70
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pd
eu-u.openx.net/w/1.0/ Frame 2586 		815 B
804 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
7fc32ff80eb80e8a7c9e7ac867dc6b73b480dcf0aff252b001e91a3dd645d876

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 10 Nov 2021 14:36:38 GMT
content-type
text/html
content-length
480
content-encoding
gzip
via
1.1 google
alt-svc
clear
checksync.php
contextual.media.net/ Frame 48C7 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
451c1f79e9a710c3b6c563db6465fdf2b0e4111bea3c1fc491922cbfb5056e83
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Fri, 12 Nov 2021 14:36:38 GMT
date
Wed, 10 Nov 2021 14:36:38 GMT
content-length
8171
sync_iframe
sync.bfmio.com/ Frame 3CF9 		217 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1636554995493
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.81.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-81-8.compute-1.amazonaws.com
Software
/
Resource Hash
f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Wed, 10 Nov 2021 14:36:38 GMT
Content-Length
217
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame 92DA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/3/d/cf7dba-5019-4a7a-8438-8801bdc7e7b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Wed, 10 Nov 2021 14:36:38 GMT
Connection
keep-alive
usersync
rtb.gumgum.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=4777276572329354755
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=4777276572329354755
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:38 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7c9c14b7-8e39-4fc4-8926-f288625da4d7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=4777276572329354755
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=494279&dpuuid=ID5-ZHMOZvdHj4twhNFN5lnLzPosOk74mZYWYgsBbmP6qQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F340%2F2%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr...
dpm.demdex.net/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOZvdHj4twhNFN5lnLzPosOk74mZYWYgsBbmP6qQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3...
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=e655f21b-811b-499c-b1de-37ff6ab6a350&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOZvdHj4twhNFN5lnLzPosOk74mZYWYgsBbmP6qQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=e655f21b-811b-499c-b1de-37ff6ab6a350&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/146/6/4.gif?puid=d532da7e-8a78-4d44-ba06-01bbe3e2ba03&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESECJDOQtq8OLwru56k6K2Q78&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4777276572329354755&opid=apx&ops=&utidl=tech:goo:CAESECJDOQtq8OLwru56k6K2Q78&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22385448002&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/4/6.gif?puid=a064a09346fcf640decd2c1a8084a062&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOZvdHj4twhNFN5lnLzPosOk74mZYWYgsBbmP6qQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
  • https://id5-sync.com/c/441/160/3/7.gif?puid=63216703751941907133781990417336664270&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=494279&dpuuid=ID5-ZHMOZvdHj4twhNFN5lnLzPosOk74mZYWYgsBbmP6qQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F340%2F2%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
0
0
usync.html
eus.rubiconproject.com/ Frame CB69
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1636554997777677740487
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Nov 2021 14:36:38 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Wed, 10 Nov 2021 14:36:38 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
sync.html
s.adtelligent.com/ Frame CCE3 		1 KB
879 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=658327
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1636554997777677740487
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

Server
VertaMedia 1.0
Date
Wed, 10 Nov 2021 14:36:38 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
600
Access-Control-Allow-Origin
https://ans-wer.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
/
cm.idealmedia.io/setmuidn/ 		0
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=laazBrIQ0lA6
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6ac003a6cb384e55-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
m
cm.mgid.com/
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=5600a26d-87f0-4892-ad2c-549534a949f8
43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=287839&c=5600a26d-87f0-4892-ad2c-549534a949f8
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ac003aeddb705f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
//cm.mgid.com/m?cdsp=287839&c=5600a26d-87f0-4892-ad2c-549534a949f8
date
Wed, 10 Nov 2021 14:36:39 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=laazBrIQ0lA6
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=1045131238910643293&gdpr=0&gdpr_consent=
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:39 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=33550408-bd18-4c2e-af2d-417206d04e39&ttl=1639146998
43 B
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=33550408-bd18-4c2e-af2d-417206d04e39&ttl=1639146998
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ac003a8a94805f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=33550408-bd18-4c2e-af2d-417206d04e39&ttl=1639146998
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
mw
mwzeom.zeotap.com/ 		95 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=laazBrIQ0lA6&zpartnerid=1532&zdid=1532
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ans-wer.com
access-control-allow-credentials
true
cf-ray
6ac003a6cafb692d-FRA
access-control-allow-headers
*
content-length
95
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://cm.mgid.com/m?cdsp=501037&c=EOA0VHTlN7sWT0ZE90fa&pi=mgid
43 B
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=EOA0VHTlN7sWT0ZE90fa&pi=mgid
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ac003a8890405f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=EOA0VHTlN7sWT0ZE90fa&pi=mgid
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT, Wed, 10 Nov 2021 14:36:38 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://cm.mgid.com/m?cdsp=665953&c=e655f21b-811b-499c-b1de-37ff6ab6a350
43 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=665953&c=e655f21b-811b-499c-b1de-37ff6ab6a350
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ac003ab8f0205f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=665953&c=e655f21b-811b-499c-b1de-37ff6ab6a350
date
Wed, 10 Nov 2021 14:36:39 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
cm.lentainform.com/setmuidn/ 		0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=laazBrIQ0lA6
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6ac003a6dc6adfc3-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=laazBrIQ0lA6
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=7e1f55f9-aa7c-42d9-8550-d757745cea49&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
68 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=7e1f55f9-aa7c-42d9-8550-d757745cea49&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Server
18.184.122.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-122-71.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:39 GMT
content-length
68
content-type
image/png

Redirect headers

Location
//match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=7e1f55f9-aa7c-42d9-8550-d757745cea49&seat_user_id=&seat_key= &gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Date
Wed, 10 Nov 2021 14:36:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=88XOl9wnxstqlRkUmmXAXy1M&ssp=mgid
  • https://cm.mgid.com/m?cdsp=433145&c=7e1f55f9-aa7c-42d9-8550-d757745cea49&gdpr=&gdpr_consent=&us_privacy=
43 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=7e1f55f9-aa7c-42d9-8550-d757745cea49&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ac003ac58aa05f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location
//cm.mgid.com/m?cdsp=433145&c=7e1f55f9-aa7c-42d9-8550-d757745cea49&gdpr=&gdpr_consent=&us_privacy=
Date
Wed, 10 Nov 2021 14:36:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGFhekJySVEwbEE2&muidn=laazBrIQ0lA6
  • https://cm.mgid.com/google?muidn=laazBrIQ0lA6&google_ula={guid},5&google_gid=CAESEOvgwM5xp2ws68PQa-P5aNM&google_cver=1
0
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=laazBrIQ0lA6&google_ula={guid},5&google_gid=CAESEOvgwM5xp2ws68PQa-P5aNM&google_cver=1
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ac003a8992105f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=laazBrIQ0lA6&google_ula={guid},5&google_gid=CAESEOvgwM5xp2ws68PQa-P5aNM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FA06 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 8692 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0E5te7dlu41Q09xbe9eFmmKxJ53EDjbXX5FzmozpFpFHMwFZy_qRLfIuqp2mXzFLlItQ3Vaa4bWW8_NZORDs2RY9IvsarpwO-enVanqb6Tdx8-T75TikVVmRIYYVdMtNpi82HRQIUr737Rk2zR4cPAXLKxGf2xFkbWwrHorITrSeuWqa3V6t4V9D0ipPHAb5B1TDKPHyjIknynHxeqE2N45H__3JTPbGhj4npxYPk3KioUzjh1qi0QXGX9MrbtTYV8LXIRmt4GiCKlgzzNG9XrNsz5aoSMw-2qxvXqZ5aj7CYsj83Gef_BWHADQ-7kn2WJZq_pFJVGyQ&sig=Cg0ArKJSzOtMSH9WoJfdEAE&uach_m=[UACH]&adurl=
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame 8692 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite_fy2019.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 13:51:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2689
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7878
x-xss-protection
0
server
cafe
etag
10809069374711699201
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 13:51:49 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 8692 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
553
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1337
x-xss-protection
0
server
cafe
etag
17605089983984592854
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:27:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8692 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Nov 2021 14:36:38 GMT
l
www.google.com/ads/measurement/ Frame 8692 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRb-2CHpwJoHFSse2_yjt_UexraOM5Aw0ZpXMr0qAbr_2ioZyRy7C3oik_LW5682LvApeTcHRbbJTd_SOM93K-vF6UDLw
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
12005443316448172194
tpc.googlesyndication.com/simgad/ Frame 8692 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12005443316448172194
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abf1f0aaa3fa9a956e69ffff9f76757cdd2c848d19617e7a279b35b48438d5b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 13:43:53 GMT
x-content-type-options
nosniff
age
3165
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15001
x-xss-protection
0
last-modified
Wed, 17 Mar 2021 19:40:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 10 Nov 2022 13:43:53 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=a.e&u=mmt-330e9471-5e1b-4650-825c-234a6edc2c08.3&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22hard%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.17%22%2C%22refreshCount%22%3A0%2C%22ipin%22%3A%22GS86FM-DDI.A%22%2C%22isBackfill%22%3Afalse%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A4410468141%2C%22sourceAgnosticLineItemId%22%3A5528971813%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2Farazou-baker-cinderella-role-and-instagram%22%2C%22referer%22%3A%22%22%7D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1683
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
banner
ad4.adfarm1.adition.com/ Frame BB0F 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.adfarm1.adition.com/banner?sid=4699120&adjsver=3&fvers=&iframe=1&ref=https%3A//ans-wer.com/&ro=https%3A//2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/95.0.4638.54%20Safari/537.36&os=17&browser=11&userid=0&wi=1357094882&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqMQ39NiLYbGSKcbr3wPE%2DKioCY6ywoxmsZyzoIoP0K%5Fk1I4qEAEg2NXYK2CVupSCoAegAbXy8pMoyAEJqQL74K4rJGazPqgDAaoE4QFP0OFDoKJBb5EAZE0AUWW0qSm6MQKSAF3xKNsZ74fgJAbk90GQnJIlU940mJKDCxrqPtZKeDYgkqBu5z6BLP%5FbNchTkUKYAWQNdcbr9nmlGAmfVEVImwOTGOzmd11T9Z0j9u25MfvffRq%2DlSuFBo%5FO5T7m302SnQsxDv09WQdpPg5GyzWER5c3PgkBcJb4thgoRnR6uxq6gYFEAE90yzs0bNQzBx2bwm5l5wUz9whuw9y7aKrrIhav2TiVE7BKyd%2DXdpxf2%5FL9drp9u7WtB%2D%2DKdnxbM4YWxPyEp0IiLBcJTXLABNLkxInfA%2DAEA5AGAaAGTYAHtarD8wKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gH89EbqAeW2BuoB6qbsQKoB9%2DfsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU5MTY1NTI4NDc0NTI3NDOACgOYCwHICwGADAGwE%2D60iw3IE4mT1t4D0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoIMuvR8boUwk1slUWWoM00A%26sig%3DAOD64%5F1zU8hjy%2DJry%2D4IywMcCT4URsP2Lw%26client%3Dca%2Dpub%2D3944954862316283%26dbm%5Fc%3DAKAmf%2DBmxdXpBRahsl5PX7Vmd7DlC1fvAU4BeMcUgz%5FHVxzVsLPq5wlzMCBsCpGUEcWQkryCFIhn8wFgTWJ23VLKeyodkgx9c0Vd5xZfta67NNAf2zzokACXwqr2ZHvA%2D3UWm9zjn98zdGmwCYzkejKlBtF%2Dp%5Fy4pA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DC39MuapB0K4iEz2GR25PFWWeHQB8AUGkfGU3Eyobo7WLnfAFNyWR4pyDikng8f3rwHiS7XhBR6U7ywTDVI72m5TKBBDhF6eoJle0Gpp%2DRMVWwK%5FNjwvGxEeV2GoBdl%5FuyfW0o9SxuBe6Ejsptit0XwEbJxc6wxpic6CJxc2uwWHkuc2Bf493f0u4lvDG3e%2DksG1eiAV6MYeLEovd%5FwasJtM5%2DBdwKKHGBa8%5Fer5jHuY85IeuvF%2DOWYJmjQNrUE4nuxFRKhGufianHXbMUG3yLZqadfYqdU%5FY82c2UrekGu1XPfCwfIY4kO8YdkNRaoHU6q6Zu7OwL3gWqlIvjqTOl7rYRHAQl1zfAwTev6GBpj65ov%5F8BlHX7%5F0sMqnvRfVYb5HYotg9QT2VeMobGC7XPqFyHyRSpYLXv8RPEIro3jUlKeHeIaDBlmeRQ3eQYJ40SAMt%5FiPlPpNR1APWkvZC1BvLVccFedirSeZNCMp8CEPba89bQgZm5m5%5F%2D1YZSDrwpIfZUO%26adurl%3D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
7e51da09cf8267847bd146f82f89ed9b4a9279bd1dfe4e988023677b2a2e8b48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 15:36:38 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
content-type
text/javascript
expires
Sat, 01 Jan 2000 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0B4F 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame C3AE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUA54VHBhQTcR-FhqRqg4UWMuFPYhSBslOkMFnHuEMC3l1kDSOO95bWho9qRJLALOi5Xw51MgHj3U6YyjE5iI9QmmVuT0sGVL3BKDSK86QBIHFmVP-8QiAj4VzbWP9SQyFZdxDvkPLjQSI_EFZe1u2lNNZg5XB2LptHFUzGya9zRfRP0LSF3HpBd15QXLZz3x8z4iC9-is-edTdX28fnRFVXtk2OfWGQs8JNlJSjuJlVElTlWUFjUP4kv5y6gesETYmtaMRBM8j-kdqzxLRWoI6qHIgB0vDwUVwy57Ku1YcpR0AdwpsNwRdTwqW0QTv806CbJkg_8meuc&sig=Cg0ArKJSzDWcyqy9JF_1EAE&uach_m=[UACH]&adurl=
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
12005443316448172194
tpc.googlesyndication.com/simgad/ Frame C3AE 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12005443316448172194
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abf1f0aaa3fa9a956e69ffff9f76757cdd2c848d19617e7a279b35b48438d5b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 13:43:53 GMT
x-content-type-options
nosniff
age
3165
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15001
x-xss-protection
0
last-modified
Wed, 17 Mar 2021 19:40:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 10 Nov 2022 13:43:53 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame C3AE 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite_fy2019.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 13:51:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2689
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7878
x-xss-protection
0
server
cafe
etag
10809069374711699201
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 13:51:49 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame C3AE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
553
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1337
x-xss-protection
0
server
cafe
etag
17605089983984592854
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:27:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C3AE 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Nov 2021 14:36:39 GMT
l
www.google.com/ads/measurement/ Frame C3AE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQfQGynB6zuiIETaGDTy1sq8M9wLZ1d1RAyaqbsTi8xbPhCC_VzjgrvePaMISQj0T29NfsQkW1eCfx2-M8NEB2i3lykg
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
mmt.gif
imps.monu.delivery/ 		37 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=a.e&u=mmt-330e9471-5e1b-4650-825c-234a6edc2c08.4&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22hard%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.17%22%2C%22refreshCount%22%3A0%2C%22ipin%22%3A%22GS86FM-DDI.A%22%2C%22isBackfill%22%3Afalse%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A4410468141%2C%22sourceAgnosticLineItemId%22%3A5528971813%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2Farazou-baker-cinderella-role-and-instagram%22%2C%22referer%22%3A%22%22%7D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1684
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
index.html
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/ Frame 42F3 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76512bbaf0cc095f7c67adbf9a349a81c9b33141ed643950fcdc5fc2ebcfe7cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
3490
date
Mon, 08 Nov 2021 13:31:03 GMT
expires
Tue, 08 Nov 2022 13:31:03 GMT
last-modified
Mon, 01 Nov 2021 12:36:39 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
176736
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame C263 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssDloK_CFSaO8My458On2BPqtCASUEgeXUQGNKQ2xSmlAkYL_vLGZAsqWEy6OwFEvIJli8e0E8OJSqm6dgduI_MdO0sgfUx_dZ0FtwnN2U5v0Fwm98JnK5b9M4h-yKMsUgDLbwcCWYuBXNmguR27ZGwFQrFQmXjpfop4muJsDy3T-07VRH9YM-_-j_hEfwJPF5-4XAzHsFluG0Eu5QbwlO6UiayYyrJRQXSuFWyeQfpQWQsdFz2C9Lrv8A8NXcivkra_bPe9Zf_Yl5lDxNR9AD-HUScqdgYNtfzAHGfniihfeeagB4qKSdZktE1yUeo8nw7f83PEVR4msuChp5vWy03tKx9jcDKFTxuT2xghI_W9WiIVrmjJnHBlLm97zNASiHLlCAefELiJEcTX1j2TE8gflETvX7YBmdLOSZmPvQEqENhCZ_XOIfo4k2LXalt9tXW-flj-_A4BGA8cvyz2pW6q2pIMcBNdaEPN9wW8Fw37vWlViCmxS4CZO-kYT4oiht-oDYXeD-tGaP0QgOqxPYpISoH3pHLa7nMXdVr0_Z0Y3wagaGNSiVfdCNIH8cvdjuJPmMXaFOls8Cn8XVf7ft6LDIuPpTzNy4d46WV-ADgIv0VwFdZ0uSGGXvKMOtjbjeBJ524pvmD26FZGt3CNPYq3d9WzDDdkvA0E191xiiTwL6F9LNGJ_nKWA5CafkxtCvVaLjB0Ka2W41GAf_n13PrXSlrsm_k_YIehyvzSZ5g4Th0SvyzTTE1epGP_nuNSWlcFW6I8j5YqAUZkhNarMzsUIt6g1LAqz08xqF21vxzvwntyw6C7DkgnFAJmxqzQ2yrsksnbCjFXwBwVlPuBjCbfAzfuXU5CJp_N7HoCHn3A_hKL4CWtNSKtfqCe0CHFhif-gPR_lkup9N-bK7TKLnTDvPOdL5_8KoNr5RnHo59X8Lh9F9-08nTlKwUeSW6YOwjCxC9QAFFVzZOhbpFD6yhi6fJbdsH6PDjtrYrKUDwOFdZkMpJf5CV9q1VufQHGJi01tcSa-2L37lAaSbNiGxOv0qIykMbLTrod23b3SK5uJVDT6i-dFPuhxBmgSQRKWly7kCDgR2f-PnsZea6OMwwu62oYd0FTWgVBdhb7e1XEqJpfRzXbItqN8svDDWif4oZ_0GhUVbiGVCW_bZMmIeXPLxU1YRD_KLXAAIw1XK3jdFe0ysy2qW6ByhvT9rtWqXe4L3wDg&sai=AMfl-YR6Q2FzCi6AhrX9bWKrCgaFmbTRBd3KOvt2LDUcOYvNCRg4FFy448DV_zjXW61SUZ0Poe-NxLGoI2fPS3oj-0TsNXghrYBEDIEsB-yMcQZOhg9M51j-teuwDriTq1T4DXt3y9QzM3oiMvxlG35CYbovGkyvsQ&sig=Cg0ArKJSzOWhTJVAzrvTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=697&cbvp=1&cstd=696&cisv=r20211108.48161&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 10 Nov 2021 14:36:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
bsevent.gif
tps20523.doubleverify.com/ Frame B81B 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20523.doubleverify.com/bsevent.gif?impid=a2bb9f290d80453a86b9866e64f01690&vfdur=20&cbust=1636554998762442
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:39 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
11/9/2021 2:36:39 PM
log
protected-by.clarium.io/ Frame B81B 		0
0
log
protected-by.clarium.io/ Frame B81B 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://protected-by.clarium.io/log
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.133.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-133-197.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 10 Nov 2021 14:36:39 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Access-Control-Max-Age
Access-Control-Allow-Methods
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
20
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9D70 		1 KB
788 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 09 Nov 2021 21:11:57 GMT
expires
Wed, 10 Nov 2021 21:11:57 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
62682
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame B81B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4440d24955806f03b5614ca7b53530dbb46b24a2efc627a16ba4fa2cb37586a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9895 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 10 Nov 2021 00:41:17 GMT
expires
Thu, 10 Nov 2022 00:41:17 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
50122
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bsevent.gif
tps20525.doubleverify.com/ Frame 428B 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20525.doubleverify.com/bsevent.gif?impid=98505d0551e84c07816632f352fd45f2&vfdur=14&cbust=1636554998818363
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
11/9/2021 2:36:39 PM
log
protected-by.clarium.io/ Frame 428B 		0
0
log
protected-by.clarium.io/ Frame 428B 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://protected-by.clarium.io/log
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.133.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-133-197.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 10 Nov 2021 14:36:39 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Access-Control-Max-Age
Access-Control-Allow-Methods
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
20
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 28E3 		1 KB
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 09 Nov 2021 21:11:57 GMT
expires
Wed, 10 Nov 2021 21:11:57 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
62682
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 428B 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f4fed72aa8920af6d204b9b02270ff32b7f3a891f07b823bd9ed9930f621d0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
pagead2.googlesyndication.com/bg/ Frame 4BC1 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:19:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
1034
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13451
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 14:19:25 GMT
bsevent.gif
tps20515.doubleverify.com/ Frame 93C6 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20515.doubleverify.com/bsevent.gif?impid=bc9850446c2f41f7a385eef772045e56&vfdur=14&cbust=1636554999006527
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:39 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
11/9/2021 2:36:39 PM
log
protected-by.clarium.io/ Frame 93C6 		0
0
log
protected-by.clarium.io/ Frame 93C6 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://protected-by.clarium.io/log
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.133.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-133-197.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 10 Nov 2021 14:36:39 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Access-Control-Max-Age
Access-Control-Allow-Methods
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
20
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A309 		1 KB
784 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 09 Nov 2021 21:11:57 GMT
expires
Wed, 10 Nov 2021 21:11:57 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
62682
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 93C6 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ded4b4eff4d14e4d8b1f810fe09ee83b18f6d20551abc3608a043ddd8f5abf7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7DD1 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 10 Nov 2021 00:41:17 GMT
expires
Thu, 10 Nov 2022 00:41:17 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
50122
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame 53C6 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttaTadqp0-0jOd-H2JDrUPg8TTBISvSJkawlq-FLIcxOg6F7MOYKEvG5IgwMOMRi5cwESJ2vHJogBaGxjvIO8cRMPX8LSaz_El2rNWI3nK2bkonEQxdg&sai=AMfl-YQtbva3UKS0odGpqMDbXUKkG4nuKmKjE23aPZ0LoPFt0bkbis9IAKVmTU4GymYEHR9dbaN3NvjvXDtxnJQ-kT73eCwigd7qcTIAaot5qRNNJLNo30MFx_i8Z0s&sig=Cg0ArKJSzBcijGtNzMYkEAE&cid=CAASEuRo5nVLOlW49htetmvJ-UQY4w&id=lidar2&mcvt=1412&p=829,1180,883,1500&mtos=0,1412,1412,1412,1412&tos=0,1412,0,0,0&v=20211108&bin=7&avms=nio&bs=0,0&mc=0.93&if=1&app=0&itpl=20&adk=687570585&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636554995972&rpt=1676&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame E5FB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDqEB2vYu3pPXQF1BUQZUKo&google_cver=1&google_push=AYg5qPKbPYKWl4s91obnQab6bIyEkz3dDVLsO-G6zqZO4nd3ckmc2ZdzbyGXovlQEf_ZPEexA6JUc7C9coYtDNBM44pZMFAE4iEU
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame E5FB
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBInnOxKFzIToguie6r9iR8&google_cver=1&google_push=AYg5qPKYfImlH7TNNpniEWcR1hzTE0N-Dm3C-8B4oyHuWsBxQYCKiei4X_Tssz8vHSChC1TFZyejdR3kqLV432...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPKYfImlH7TNNpniEWcR1hzTE0N-Dm3C-8B4oyHuWsBxQYCKiei4X_Tssz8vHSChC1TFZyejdR3kqLV432Rzse...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPKYfImlH7TNNpniEWcR1hzTE0N-Dm3C-8B4oyHuWsBxQYCKiei4X_Tssz8vHSChC1TFZyejdR3kqLV432Rzsew-k1bj11oG
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPKYfImlH7TNNpniEWcR1hzTE0N-Dm3C-8B4oyHuWsBxQYCKiei4X_Tssz8vHSChC1TFZyejdR3kqLV432Rzsew-k1bj11oG
Date
Wed, 10 Nov 2021 14:36:39 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame E5FB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFP88w5nmRhY0MXZNtnACQg&google_cver=1&google_push=AYg5qPLouej9i1Hq4EoVrP5nSHHThcgAXzsO8-V29PVT__tPsgKSDs3HlKzF55YikJBgMdBfw7kue-B-bk7ubzL_7BqC...
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5134455419410995139&expires=30&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIl9flp8i-9lBrbJNE5UPeHxvafgb8XztJpDIWU1-Hg3EamTxb_9sCard7wStyRznTEJvPITNx7LwN7xgGtQsXTslLvEULL&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIl9flp8i-9lBrbJNE5UPeHxvafgb8XztJpDIWU1-Hg3EamTxb_9sCard7wStyRznTEJvPITNx7LwN7xgGtQsXTslLvEULL&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIl9flp8i-9lBrbJNE5UPeHxvafgb8XztJpDIWU1-Hg3EamTxb_9sCard7wStyRznTEJvPITNx7LwN7xgGtQsXTslLvEULL&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Date
Wed, 10 Nov 2021 14:36:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame E5FB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IuFUphN5PvkxYceYR0EYKDpxD16GtaE6xcLtxmIHoRsA
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ans-wer.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ans-wer.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		335 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2712710818169298&correlator=2624582274392171&output=ldjh&impl=fifs&eid=31063683%2C44754276&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=20842576%3A21716575069%2CGS86FM%2CGS86FM-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C300x250%7C320x50&ris=3&rcs=1&prev_scp=pos%3D1%26monu%3D728x90-300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.17%26big4%3Dfalse%26confiant_refresh%3Dtrue&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D72511adca22d020e%3AT%3D1636554992%3AS%3DALNI_MZnx8v04FlhG3gNOyaqoVNu7SUcpg&bc=31&abxe=1&lmt=1636554999&dt=1636554999143&dlt=1636554991798&idt=1805&frm=20&biw=1600&bih=1200&oid=2&adxs=620&adys=7350&adks=687570584&ucis=8&ifi=19&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&vis=1&dmc=8&scr_x=0&scr_y=0&psz=730x250&msz=300x-1&psts=AGkb-H95TSpP34MzT9iiRpCF6tB01cOaBWjpL2mEuz9vCeJHWDNbhwL3d7HNNLx_FEFTQen0efkDNweFOOZlifczkp4%2CAGkb-H_0RKdNQ_Z8Owjiq7koAwOjK85NouN8WixI5akuOHjv8oDlKL3twi0vda2dQqIlZcirqoQJ4j-dhGJ-ez0P1l8&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=true&fws=4&ohw=1600&btvi=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
58065b3c12038b9bb9894ae2994a3adfedfc9a999ef7ea7135f89d5ac24be38a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bsevent.gif
tps20523.doubleverify.com/ Frame B81B 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20523.doubleverify.com/bsevent.gif?impid=a2bb9f290d80453a86b9866e64f01690&pltfrm=Linux%20x86_64&dvp_or1=1&cbust=1636554999159238
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:39 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
11/9/2021 2:36:39 PM
bsevent.gif
tps20523.doubleverify.com/ Frame B81B 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20523.doubleverify.com/bsevent.gif?impid=a2bb9f290d80453a86b9866e64f01690&dvp_or2=1&cbust=1636554999159207
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:39 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
11/9/2021 2:36:39 PM
ads
securepubads.g.doubleclick.net/gampad/ 		335 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2712710818169298&correlator=3867809793048660&output=ldjh&impl=fifs&eid=31063683%2C44754276&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=20842576%3A21716575069%2CGS86FM%2CGS86FM-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C300x250%7C320x50&ris=3&rcs=1&prev_scp=pos%3D1%26monu%3D728x90-300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.17%26big4%3Dfalse%26confiant_refresh%3Dtrue&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D72511adca22d020e%3AT%3D1636554992%3AS%3DALNI_MZnx8v04FlhG3gNOyaqoVNu7SUcpg&bc=31&abxe=1&lmt=1636554999&dt=1636554999190&dlt=1636554991798&idt=1805&frm=20&biw=1600&bih=1200&oid=2&adxs=406&adys=8363&adks=687570663&ucis=9&ifi=20&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&vis=1&dmc=8&scr_x=0&scr_y=0&psz=730x90&msz=728x-1&psts=AGkb-H95TSpP34MzT9iiRpCF6tB01cOaBWjpL2mEuz9vCeJHWDNbhwL3d7HNNLx_FEFTQen0efkDNweFOOZlifczkp4%2CAGkb-H_0RKdNQ_Z8Owjiq7koAwOjK85NouN8WixI5akuOHjv8oDlKL3twi0vda2dQqIlZcirqoQJ4j-dhGJ-ez0P1l8&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=true&fws=4&ohw=1600&btvi=12&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
1967ff3f371600108f9a3d21f885ed1f617a7c07c2ff0fcaff4234228841a4b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bsevent.gif
tps20525.doubleverify.com/ Frame 428B 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20525.doubleverify.com/bsevent.gif?impid=98505d0551e84c07816632f352fd45f2&pltfrm=Linux%20x86_64&dvp_or1=1&cbust=1636554999206790
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
11/9/2021 2:36:39 PM
bsevent.gif
tps20525.doubleverify.com/ Frame 428B 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20525.doubleverify.com/bsevent.gif?impid=98505d0551e84c07816632f352fd45f2&dvp_or2=1&cbust=1636554999207381
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
11/9/2021 2:36:39 PM
ads
securepubads.g.doubleclick.net/gampad/ 		335 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2712710818169298&correlator=143630058942643&output=ldjh&impl=fifs&eid=31063683%2C44754276&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=20842576%3A21716575069%2CGS86FM%2CGS86FM-DDP.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ris=3&rcs=1&prev_scp=pos%3D2%26monu%3D728x90_B2%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.15%26big4%3Dfalse%26confiant_refresh%3Dtrue&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D72511adca22d020e%3AT%3D1636554992%3AS%3DALNI_MZnx8v04FlhG3gNOyaqoVNu7SUcpg&bc=31&abxe=1&lmt=1636554999&dt=1636554999215&dlt=1636554991798&idt=1805&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=8478&adks=2718686334&ucis=a&ifi=21&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x90&msz=728x-1&psts=AGkb-H95TSpP34MzT9iiRpCF6tB01cOaBWjpL2mEuz9vCeJHWDNbhwL3d7HNNLx_FEFTQen0efkDNweFOOZlifczkp4%2CAGkb-H_0RKdNQ_Z8Owjiq7koAwOjK85NouN8WixI5akuOHjv8oDlKL3twi0vda2dQqIlZcirqoQJ4j-dhGJ-ez0P1l8&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=true&fws=4&ohw=1600&btvi=13&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
86998515ec3d0013a522eb5316875c2247a8cfba02bbf689f84d8bed7975c89c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bsevent.gif
tps20515.doubleverify.com/ Frame 93C6 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20515.doubleverify.com/bsevent.gif?impid=bc9850446c2f41f7a385eef772045e56&pltfrm=Linux%20x86_64&dvp_or1=1&cbust=1636554999231706
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:39 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
11/9/2021 2:36:39 PM
bsevent.gif
tps20515.doubleverify.com/ Frame 93C6 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20515.doubleverify.com/bsevent.gif?impid=bc9850446c2f41f7a385eef772045e56&dvp_or2=1&cbust=1636554999231980
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:39 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
11/9/2021 2:36:39 PM
js
ad2.adfarm1.adition.com/ Frame BB0F 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/js?wp_id=4603449&gdpr=0&gdpr_consent=&ts=7028950194541625705&kid=4709716&keyword=PACS_4699120_14849423&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqMQ39NiLYbGSKcbr3wPE%2DKioCY6ywoxmsZyzoIoP0K%5Fk1I4qEAEg2NXYK2CVupSCoAegAbXy8pMoyAEJqQL74K4rJGazPqgDAaoE4QFP0OFDoKJBb5EAZE0AUWW0qSm6MQKSAF3xKNsZ74fgJAbk90GQnJIlU940mJKDCxrqPtZKeDYgkqBu5z6BLP%5FbNchTkUKYAWQNdcbr9nmlGAmfVEVImwOTGOzmd11T9Z0j9u25MfvffRq%2DlSuFBo%5FO5T7m302SnQsxDv09WQdpPg5GyzWER5c3PgkBcJb4thgoRnR6uxq6gYFEAE90yzs0bNQzBx2bwm5l5wUz9whuw9y7aKrrIhav2TiVE7BKyd%2DXdpxf2%5FL9drp9u7WtB%2D%2DKdnxbM4YWxPyEp0IiLBcJTXLABNLkxInfA%2DAEA5AGAaAGTYAHtarD8wKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gH89EbqAeW2BuoB6qbsQKoB9%2DfsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU5MTY1NTI4NDc0NTI3NDOACgOYCwHICwGADAGwE%2D60iw3IE4mT1t4D0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoIMuvR8boUwk1slUWWoM00A%26sig%3DAOD64%5F1zU8hjy%2DJry%2D4IywMcCT4URsP2Lw%26client%3Dca%2Dpub%2D3944954862316283%26dbm%5Fc%3DAKAmf%2DBmxdXpBRahsl5PX7Vmd7DlC1fvAU4BeMcUgz%5FHVxzVsLPq5wlzMCBsCpGUEcWQkryCFIhn8wFgTWJ23VLKeyodkgx9c0Vd5xZfta67NNAf2zzokACXwqr2ZHvA%2D3UWm9zjn98zdGmwCYzkejKlBtF%2Dp%5Fy4pA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DC39MuapB0K4iEz2GR25PFWWeHQB8AUGkfGU3Eyobo7WLnfAFNyWR4pyDikng8f3rwHiS7XhBR6U7ywTDVI72m5TKBBDhF6eoJle0Gpp%2DRMVWwK%5FNjwvGxEeV2GoBdl%5FuyfW0o9SxuBe6Ejsptit0XwEbJxc6wxpic6CJxc2uwWHkuc2Bf493f0u4lvDG3e%2DksG1eiAV6MYeLEovd%5FwasJtM5%2DBdwKKHGBa8%5Fer5jHuY85IeuvF%2DOWYJmjQNrUE4nuxFRKhGufianHXbMUG3yLZqadfYqdU%5FY82c2UrekGu1XPfCwfIY4kO8YdkNRaoHU6q6Zu7OwL3gWqlIvjqTOl7rYRHAQl1zfAwTev6GBpj65ov%5F8BlHX7%5F0sMqnvRfVYb5HYotg9QT2VeMobGC7XPqFyHyRSpYLXv8RPEIro3jUlKeHeIaDBlmeRQ3eQYJ40SAMt%5FiPlPpNR1APWkvZC1BvLVccFedirSeZNCMp8CEPba89bQgZm5m5%5F%2D1YZSDrwpIfZUO%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7028950194541625705%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7028950190242595175%2526sid%253D4699120%2526kid%253D4799962%2526bid%253D14849423%2526c%253D22700%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
9097ebbea4d30d3f30a6af47ad0630bab14c6c17b2763b7006cf4ae784ad7329

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 15:36:39 +0100
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
cache-control
max-age=600
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires
Sat, 01 Jan 2000 00:00:00 GMT
events
prd-collector-anon.ex.co/main/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/ce4839bf-41af-4856-8109-093a8cf57061
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.219.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-219-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:39 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
css2
fonts.googleapis.com/ 		2 KB
644 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 14:15:36 GMT
server
ESF
date
Wed, 10 Nov 2021 14:36:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Nov 2021 14:36:39 GMT
sd
eu-u.openx.net/w/1.0/ Frame A22B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QeUOEAnb1MKOIn5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QeUOEAnb1MKOIn5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:39 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-0b2a0a0a5201c51fd@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QeUOEAnb1MKOIn5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A22B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=d532da7e-8a78-4d44-ba06-01bbe3e2ba03&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=7e1f55f9-aa7c-42d9-8550-d757745cea49
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=7e1f55f9-aa7c-42d9-8550-d757745cea49
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=7e1f55f9-aa7c-42d9-8550-d757745cea49
Date
Wed, 10 Nov 2021 14:36:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sd
eu-u.openx.net/w/1.0/ Frame A22B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4777276572329354755
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4777276572329354755
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:40 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d5842607-4886-4a60-a7e9-5a6ee3226bfd
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4777276572329354755
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
redir
rtb-csync.smartadserver.com/ Frame A22B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHWHhVN0RGN0lBQUNoeWRlTzVTZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGie07DF7IAACh6cQxlxg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGie07DF7IAACh6cQxlxg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_curre...
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGie07DF7IAACh6cQxlxg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
HTTP/1.1
Server
199.187.193.193 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGie07DF7IAACh6cQxlxg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Date
Wed, 10 Nov 2021 14:36:41 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sd
eu-u.openx.net/w/1.0/ Frame A22B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d89f618b-d8f3-4600-8acc-223fc44e81b7
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d89f618b-d8f3-4600-8acc-223fc44e81b7
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x29 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d89f618b-d8f3-4600-8acc-223fc44e81b7
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 10 Nov 2021 14:36:39 GMT
p-25CIknq_eSg16.gif
pixel.quantserve.com/pixel/ Frame A22B 		0
0
sd
eu-u.openx.net/w/1.0/ Frame A22B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1005411107955032424
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1005411107955032424
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1005411107955032424
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame A22B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=55142ee3-1773-719d-d211-7f61317c67c1&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame A22B 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A22B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame F28B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QeUOEAnb1MKOIn5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QeUOEAnb1MKOIn5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:39 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-00eeed23208b59ecc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QeUOEAnb1MKOIn5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F28B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=o...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=7e1f55f9-aa7c-42d9-8550-d757745cea49
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=7e1f55f9-aa7c-42d9-8550-d757745cea49
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=7e1f55f9-aa7c-42d9-8550-d757745cea49
Date
Wed, 10 Nov 2021 14:36:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sd
eu-u.openx.net/w/1.0/ Frame F28B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4777276572329354755
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4777276572329354755
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:40 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
116d9108-15e6-4f5b-802a-078e7ff1e638
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4777276572329354755
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
redir
rtb-csync.smartadserver.com/ Frame F28B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFamlFN0RGN0lBQUNoZnNhUGs5UQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGie07DF7IAACh6cQxlxg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGie07DF7IAACh6cQxlxg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAGie07DF7IAACh6cQxlxg&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGie07DF7IAACh6cQxlxg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGie07DF7IAACh6cQxlxg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
HTTP/1.1
Server
199.187.193.193 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGie07DF7IAACh6cQxlxg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Date
Wed, 10 Nov 2021 14:36:41 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sd
eu-u.openx.net/w/1.0/ Frame F28B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d89f618b-d8f3-4600-8acc-223fc44e81b7
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d89f618b-d8f3-4600-8acc-223fc44e81b7
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x7 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d89f618b-d8f3-4600-8acc-223fc44e81b7
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 10 Nov 2021 14:36:39 GMT
p-25CIknq_eSg16.gif
pixel.quantserve.com/pixel/ Frame F28B 		0
0
sd
eu-u.openx.net/w/1.0/ Frame F28B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1005411107955032424
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1005411107955032424
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1005411107955032424
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame F28B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=55142ee3-1773-719d-d211-7f61317c67c1&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame F28B 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F28B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 2FCE
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QeUOEAnb1MKOIn5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QeUOEAnb1MKOIn5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:39 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-02cbf440f9d738c39@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QeUOEAnb1MKOIn5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 2FCE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=7e1f55f9-aa7c-42d9-8550-d757745cea49&ssp=openx&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10815324137626982527&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10815324137626982527&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26s...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=40136134-9f29-4cd3-8275-e7b25860b03e&ssp=openx&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=266350603966001742240&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10815324137626982527&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10815324137626982527&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
HTTP/1.1
Server
18.193.90.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-90-196.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=419&user_id=10815324137626982527&ssp=<SSP_VALUE>&gdpr=&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 2FCE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4777276572329354755
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4777276572329354755
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:40 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
84fc8455-5dd6-48e3-ad76-5bd876bed94a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4777276572329354755
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
redir
rtb-csync.smartadserver.com/ Frame 2FCE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHaWUwN0RGN0lBQUNoNmNReGx4Zw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGie07DF7IAACh6cQxlxg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGie07DF7IAACh6cQxlxg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_curre...
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGie07DF7IAACh6cQxlxg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
HTTP/1.1
Server
199.187.193.193 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGie07DF7IAACh6cQxlxg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Date
Wed, 10 Nov 2021 14:36:41 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sd
eu-u.openx.net/w/1.0/ Frame 2FCE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d89f618b-d8f3-4600-8acc-223fc44e81b7
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d89f618b-d8f3-4600-8acc-223fc44e81b7
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x11 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d89f618b-d8f3-4600-8acc-223fc44e81b7
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 10 Nov 2021 14:36:39 GMT
p-25CIknq_eSg16.gif
pixel.quantserve.com/pixel/ Frame 2FCE 		0
0
sd
eu-u.openx.net/w/1.0/ Frame 2FCE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1005411107955032424
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1005411107955032424
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1005411107955032424
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 2FCE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=55142ee3-1773-719d-d211-7f61317c67c1&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 2FCE 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzk3YmZkMjktZGUwNC0yZjM5LWM3ZjEtMjVkOGZiOWVhOWEx
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2FCE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMPJsYPeQQcFsb4op5Qgt0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 280C
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=3AC6C3F89C0B4D8088BC325684233F3F
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=3AC6C3F89C0B4D8088BC325684233F3F
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 10 Nov 2021 14:36:39 GMT
x-content-type-options
nosniff
server
nginx
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=3AC6C3F89C0B4D8088BC325684233F3F
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Tue, 09 Nov 2021 14:36:39 GMT
c.html
j.mrpdata.net/ Frame 280C
Redirect Chain
  • https://j.mrpdata.net/c.html?ex=OpenX
  • https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
HTTP/1.1
Server
52.28.175.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-175-201.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

location
https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
pragma
no-cache
cache-control
no-cache
x-backend
dmc_hitServer_4_d@j4mrpdatanet
Connection
keep-alive
x-deviceid
870df093-5dad-1a60-c02c-151415e285d3
Content-Length
0
current
openx2-match.dotomi.com/match/bounce/ Frame 280C 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
sd
us-u.openx.net/w/1.0/ Frame 280C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:39 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ox
match.justpremium.com/match/ Frame 280C 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/ox?ex_uid=1f95e013-40c2-4bf7-800f-f957300924fb
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.254.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-254-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
content-length
43
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 280C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YYvY8wADhPvA_AAz
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YYvY8wADhPvA_AAz
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1636555000.052000,VS0,VE0
x-served-by
cache-fra19168-FRA
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YYvY8wADhPvA_AAz
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame 280C
Redirect Chain
  • https://green.erne.co/openx/cm
  • https://pixel.onaudience.com/?mapped=88XOl9wnxstqlRkUmmXAXy1M&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb...
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fc...
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fc...
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=5067b044a5fdb99b07a9b0b64e8178c1&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%25...
  • https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3D88XOl9wnxstqlRkUmmXAXy1M
  • https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=88XOl9wnxstqlRkUmmXAXy1M
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=88XOl9wnxstqlRkUmmXAXy1M
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=88XOl9wnxstqlRkUmmXAXy1M
date
Wed, 10 Nov 2021 14:36:41 GMT
server
openresty
strict-transport-security
max-age=0; includeSubDomains;
content-type
text/html; charset=UTF-8
sd
us-u.openx.net/w/1.0/ Frame 280C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7358448861426564282&gdpr=1&gdpr_consent=&us_privacy=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7358448861426564282&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7358448861426564282&gdpr=1&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dds
rtb.openx.net/sync/ Frame 280C
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=ikKk3771yLM0ZTPW4mVdew==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:39 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
43
x-request-id
bp5bqt6chghdmke3re34636v8i012a06

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c1d348a7-87df-e3d4-e3c6-6994ce2baa88
pr-bh.ybp.yahoo.com/sync/openx/ Frame 280C 		43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/c1d348a7-87df-e3d4-e3c6-6994ce2baa88?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:f879:a4cf:9cbb:9098 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame 2586
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=8F3145E21F714E699B5B0C69874CBA32
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=8F3145E21F714E699B5B0C69874CBA32
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 10 Nov 2021 14:36:39 GMT
x-content-type-options
nosniff
server
nginx
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=8F3145E21F714E699B5B0C69874CBA32
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Tue, 09 Nov 2021 14:36:39 GMT
c.html
j.mrpdata.net/ Frame 2586
Redirect Chain
  • https://j.mrpdata.net/c.html?ex=OpenX
  • https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
HTTP/1.1
Server
52.28.175.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-175-201.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

location
https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
pragma
no-cache
cache-control
no-cache
x-backend
dmc_hitServer_4_e@j4mrpdatanet
Connection
keep-alive
x-deviceid
870df093-5dad-1a60-c02c-151415e285d3
Content-Length
0
current
openx2-match.dotomi.com/match/bounce/ Frame 2586 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
sd
us-u.openx.net/w/1.0/ Frame 2586
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:39 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ox
match.justpremium.com/match/ Frame 2586 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/ox?ex_uid=1f95e013-40c2-4bf7-800f-f957300924fb
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.254.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-254-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
content-length
43
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 2586
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YYvY8wADhPvA_AAz
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YYvY8wADhPvA_AAz
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1636555000.052113,VS0,VE0
x-served-by
cache-fra19168-FRA
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YYvY8wADhPvA_AAz
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame 2586
Redirect Chain
  • https://green.erne.co/openx/cm
  • https://pixel.onaudience.com/?mapped=88XOl9wnxstqlRkUmmXAXy1M&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%2...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=a064a09346fcf640decd2c1a8084a062&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%25...
  • https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3D88XOl9wnxstqlRkUmmXAXy1M
  • https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=88XOl9wnxstqlRkUmmXAXy1M
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=88XOl9wnxstqlRkUmmXAXy1M
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=88XOl9wnxstqlRkUmmXAXy1M
date
Wed, 10 Nov 2021 14:36:41 GMT
server
openresty
strict-transport-security
max-age=0; includeSubDomains;
content-type
text/html; charset=UTF-8
sd
us-u.openx.net/w/1.0/ Frame 2586
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7430506455464492218&gdpr=1&gdpr_consent=&us_privacy=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7430506455464492218&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7430506455464492218&gdpr=1&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dds
rtb.openx.net/sync/ Frame 2586
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=ikKk3771yLM0ZTPW4mVdew==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
43
x-request-id
cfsieqfuo25i3ci56tnq0u0dcio3h723

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c1d348a7-87df-e3d4-e3c6-6994ce2baa88
pr-bh.ybp.yahoo.com/sync/openx/ Frame 2586 		43 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/c1d348a7-87df-e3d4-e3c6-6994ce2baa88?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:f879:a4cf:9cbb:9098 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
usync.js
eus.rubiconproject.com/ Frame CB69 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e082294630f01fe8c1754f194c9ab266daf508bdd6353949cadf922f6396301e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51898
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Thu, 11 Nov 2021 05:01:37 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 622E 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvN2v1NqtVP7Gkpj7Rp5Q0cs31ScmUEvcIkwQA9HyIWyYVSmCshrvfWyhW2TUTyas9D1PTQ2QHmqgpypfRkA47HBn0-zkRDdj-Vvgjt&sai=AMfl-YRyOjT1giwwzl2nCVVoaOivBk1cOcADIeIG6O4iP8WendzBqMT1-Q7zGBG-oKIzlmlyafH6e2k_DPXjtNTtFSmdhRnj4QWgacAyY-yCOtH1BYFJSAT7yZRl73s&sig=Cg0ArKJSzFR83FLQ4fOBEAE&cid=CAASEuRoiizJD01502Q4osorLrFbYA&id=lidar2&mcvt=1154&p=901,1260,1501,1420&mtos=0,0,1154,1154,1154&tos=0,0,1154,0,0&v=20211108&bin=7&avms=nio&bs=0,0&mc=0.5&if=1&app=0&itpl=20&adk=2176463979&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636554996391&rpt=1777&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5FA5 		499 B
381 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CODnIhCTpLvQAhio4Kq6ATAB&v=APEucNWVTmZAL1fqrlUQv7ZBesBA39nKZQ8yphpaNtmpSj8DcJ5xPQGGzC7phKIRCeBFcf2o8X1sSDksBoTSC-8RfGxFPl9KQ3J1HuSp_HhpuqGVOFyzjEr82VyYLcVcuVpKZjnshcZc8IgEM-WQSH4bS0iPuKpl3NJFXjA70a14JUg8qJ-DtJQ
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 10 Nov 2021 14:36:39 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame 9CF2 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite_fy2019.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
277
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7878
x-xss-protection
0
server
cafe
etag
10809069374711699201
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:32:02 GMT
12329091706538620210
s0.2mdn.net/simgad/ Frame 9CF2 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12329091706538620210
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a43d4ecd8a3004f8c6858398c6743b5cf8063bcb6264548fe42677a577683613
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 12:23:29 GMT
x-content-type-options
nosniff
age
180790
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25399
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 09:13:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 12:23:29 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/ Frame 9CF2 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1907
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:04:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9CF2 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss12vjXZh8v9CetKWSujX7pL2k5LNfhXNYZK8_hSp01gpg6HNJtor-y2lU4hVCWp-Dn6qntIXWPtsOGTw2oSchd_25z6V0r4HphC7UKVNHAUl9u7_mN6u5-EGaqV2-kcXuRAcNkdq8wi03B311mDsPoRmLbwV4yRSjZQYy_vjSDzNTlKb4YfB4l9sUqrKh72MNi-5EggV8GXnrhA9ew2qqwqHL6Ykp0jhZ6RFRlEyMACaMPZQyTFkF_DML_66eEyMbm0xv6HMBT-p7hOV4csr34sFvU2Z0m8jyhw5n5mQAwSOMN2dAI4g0ZTBzt7B5UU8ssztqVZXWhkCOSxUgsK3oR9208ey3WLakkp2DOHsXMmhZhkMOmEnrnLW2_WiQy1dA1QkgwHQ1vKVUj7FQwhZ8GcuX57hEduWtaRsWt6ve46bPgP1xuiN4BNjEwfUjGjnEjRt5Dj7eo69XdvlKwmerovHbLQT_vVzggjA6tDEE7aIlkjnHeYUYuLjoh1DKqnOnbNcyqSy7Rl85_DAzxC0Kewr_MutMAQUfDU-GGcHOLJo8PHNoZDC2HViOoZeEgQhf1J42e-y1HFGmkdlAnZS35QuisKZQ28mS_yHzn2_tTV-2doUXgN58xvyEylwv2Dn_HfYf2QMR4-CY4sYtYqQ5GeBlNTEYgYhXwllMRRDI4k-9yzU4HAdpS7JnFHXDs3iE61D-mMOW87K3o6UeUepW5oKfJQusJW-6nyx626LFZ7dy43TdpVn3woqfP6jT4knlwhA8CxCTRkFvuQ0v5XcksqdldItTeTFPdTs1M6ltCdLJts_vRo2Zs1wc2vD1Yg63yhAkJtLhIvvFZTCKDsOn05Wm9cJ43smQs-zNrfeBvihCxzWEK2U7iwjtdV5U6piY-3Tb-IKapG1GTwAIhzoGiMbcIufnZH6EVZZII954bEiZUMJzMIt_eR8w8htPHU1_l3HekrawlkHp1Wpeatwqo8sQiCvGSE9cjBoSadnDcVZJj2R4TrcW6BMjdUlvOHjHQNvDZEzZk5KI9HquZgmK0jc4rLMHQIsq-kRbb0JKIQ8sgs_q1eHMk6Z9vSuXGo9jvaHXxjgjtMJu_BPU-avEako63enFnOrcZA-W_DAauo4nzJpG9O2dHpjfQXhkj_-4NUGgJsZ1Obei8vRalDYMG-n9cgSZfGhyBkQCXIZV_D7qzCt20Lua8VR1XmWHrypfC1hjDOpd26__vsRLV&sai=AMfl-YRWS2hxIMdWgGiCzhc8W1bg_p3tK5n2Di8Dw3Fspny8wtim2SjyFFSTO3GGto3eZoBWumxffXjFwrJV-NafMuyXsGIG3rableLdyQ61wslXbzgVlswdxv5YlQVbLJN-rZUDSQJabPNLJnB59r1tkYyajuEyvITSuocB8Ud34vyLcbo6CS9YAh4RvsgcWb4TwjA8xJxj5YJP6MPP5RMZop6pGvyj2ZN9opOwuF8ho36RYYNh3SRQ1kWJln2QJHCCR6er9vreR1f9VaqxNjenY-9lsN5i9cAzcvdRyl4&sig=Cg0ArKJSzLuX79mZJqbzEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211108.09551&adurl=
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 10 Nov 2021 14:36:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9CF2 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 00:41:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50122
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 10 Nov 2022 00:41:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CF2 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bd6GpxJ0A3rk3dCThBbm9_pzjZGvStfm2M8UT1rYMqx4G2m5F1UHYRMkwlyyKSA88Zsp1SD3HJvOO1w-Dwh4o92v7J0siXOOj4qg6MLUCi-f7DPEg
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 9CF2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:27:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
554
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1337
x-xss-protection
0
server
cafe
etag
17605089983984592854
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:27:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9CF2 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Nov 2021 14:36:39 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 9CF2 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
158
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6461
x-xss-protection
0
server
cafe
etag
1157727964977547826
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 14:34:01 GMT
l
www.google.com/ads/measurement/ Frame 9CF2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQU0JHBauZA0Pg_PuuD1EiezXiwl-yIdd6wPwEXSOJDumEA99j0jNdMfZ0M0DG19chBKloGbESjt7udkRWGw8Yxf5TM7Q
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
pixel
protected-by.clarium.io/ Frame 9CF2 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzAweDI1MA==&v=5&s=v31fk54f1jk&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxNzE2NTc1MDY5L0dTODZGTS9HUzg2Rk0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTMzMGU5NDcxLTVlMWItNDY1MC04MjVjLTIzNGE2ZWRjMmMwOC4yIn19&sb=undefined&cb=7320776&h=ans-wer.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.133.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-133-197.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:39 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C263 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 00:41:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50122
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 10 Nov 2022 00:41:17 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E7DD 		1 KB
786 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 09 Nov 2021 21:11:57 GMT
expires
Wed, 10 Nov 2021 21:11:57 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
62682
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame C263 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1f1c4067d5c153afb7db0d127cf867b7b4d54ddffc9bd3e003663207258fc3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
usermatch
ssum-sec.casalemedia.com/ Frame 8125 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5fc4508cc1fb755236895d6630bfe48c6016d2f1e9bc75010198ee5a41568871

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|241|230|46|41|111|64|40
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1498
Expires
Wed, 10 Nov 2021 14:36:39 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:39 GMT
Connection
keep-alive
PugMaster
image6.pubmatic.com/AdServer/ Frame B839 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86708904&p=156972&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ae461e56bcdee060c864265fc702e74511fb5fecd26b658dee9878f2d3a99cb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:38 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
hls.min.js
player.avplayer.com/script/2/2.55/libs/ 		247 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/ce4839bf-41af-4856-8109-093a8cf57061
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:39 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UzXaMNrb_qmTb8FvOI8rtyw5Klcl86amG3BhAgB5ru7giatCZYZIc-lLAetv3TKcTaEuAs3GCtFCgLTc4XiTKyTprFnOg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71831
last-modified
Sun, 10 Jan 2021 14:52:52 GMT
server
UploadServer
etag
"7888b98658e8cef4a98786556ccdab66"
vary
Accept-Encoding
x-goog-hash
crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg==
content-language
en
x-goog-generation
1610290372874389
cache-control
public, max-age=300
x-goog-stored-content-length
71831
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 10 Nov 2021 14:41:39 GMT
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		237 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		238 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame EC36 		363 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/ce4839bf-41af-4856-8109-093a8cf57061
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
40c03692521e713a479574cbbb0a40efe24e9ab0891e4c4541d90ada1f00241b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtCAP1TXfOAVNjclmKRl8ICUVOJUjUVt8gjsxIZVE4rvmOl0bl-gGB4quL84qp_jQiw-fKOQUKTrKs6FwlQuQvXgfdwSQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
103927
last-modified
Sun, 07 Nov 2021 12:58:51 GMT
server
UploadServer
etag
"ead6fc13b8318d0aa9c7318a2a0e7611"
vary
Accept-Encoding
x-goog-hash
crc32c=HbphvQ==, md5=6tb8E7gxjQqpxzGKKg52EQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1636289931652949
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
103927
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 10 Nov 2021 14:41:40 GMT
events
prd-collector-anon.ex.co/main/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/ce4839bf-41af-4856-8109-093a8cf57061
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.219.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-219-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:40 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
atrack.avplayer.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M16&cb=1636554999580&cid=60d442d6d9a5011a64643848&VERSION=4.95.3&AV_PAGE_LOAD_UID=e765f131-d353-433d-a3c8-d3de632e44c3&AV_CDIM4=e765f131-d353-433d-a3c8-d3de632e44c3&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.89.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-89-2.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame D68E 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a49a5d0fb599ea908cfc636e3c8f46952623e42485bb033d53abdcbcc3fe4fe9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|3|130|4|111|5|221|176
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1385
Expires
Wed, 10 Nov 2021 14:36:40 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:40 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame E3BA 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e7cf5a4bcf409175820c770705f3a5d40d0b1c617c7edf799b9633deb99e0229

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|4|3|88|105|81|176|5
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1440
Expires
Wed, 10 Nov 2021 14:36:40 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:40 GMT
Connection
keep-alive
bg.jpg
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 42F3 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/bg.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff82bb92f844829b285f937ba9b8cd3c168c702fe5190117593ed5cb05b78a24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 13:31:03 GMT
x-content-type-options
nosniff
age
176737
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75447
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 12:36:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 13:31:03 GMT
img-lensflare-0.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 42F3 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/img-lensflare-0.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feb49fae7fd245f703b2fbeb29c41f136a34ee8bccfa2cc7c8a5a6fbfa4439ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 13:31:03 GMT
x-content-type-options
nosniff
age
176737
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4352
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 12:36:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 13:31:03 GMT
text1a.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 42F3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/text1a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8088f1d161a58af558862367e42cb9d6451ffb8bd973396ebed69da04d6188a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 13:31:03 GMT
x-content-type-options
nosniff
age
176737
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3023
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 12:36:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 13:31:03 GMT
text1b.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 42F3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/text1b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5a4ee93e1379a85fe56c16769e11eb203372c1a230a5150c7ae4f4f542147f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 13:31:03 GMT
x-content-type-options
nosniff
age
176737
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2584
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 12:36:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 13:31:03 GMT
text1c.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 42F3 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/text1c.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
760144b690ee7570b72cf862a52ecf8678571ac6aecd431716c53a5e3f16d6dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 13:31:03 GMT
x-content-type-options
nosniff
age
176737
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3655
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 12:36:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 13:31:03 GMT
stoerer.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 42F3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/stoerer.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3feb016374130f322d545f888f59bceb80667989dd11d9b5953f5cb1c04d1e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 13:31:03 GMT
x-content-type-options
nosniff
age
176737
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2655
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 12:36:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 13:31:03 GMT
text2.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 42F3 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/text2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3e24ac0b49f099ddbb00e219447f8d4aa4cd7021f38bd4c94c77747dc58ed2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 23:00:00 GMT
x-content-type-options
nosniff
age
488200
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3787
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 12:36:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Nov 2022 23:00:00 GMT
text3.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 42F3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/text3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
101dc7f34320cbce5950b82377f76ea6c59b54797aa19628de9b346497e7aaf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 13:31:03 GMT
x-content-type-options
nosniff
age
176737
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2653
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 12:36:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 13:31:03 GMT
text4.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 42F3 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/text4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79b628a883191c8130a3382f904e50f5d4210b2abaac6227162e6b1e07f6c593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 23:00:00 GMT
x-content-type-options
nosniff
age
488200
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4233
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 12:36:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Nov 2022 23:00:00 GMT
text5.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 42F3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/text5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32322986a3b686254b0bd0a35a1feff3886eee67ef8812baf9a7a0185df71a63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 13:31:03 GMT
x-content-type-options
nosniff
age
176737
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2963
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 12:36:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 13:31:03 GMT
legal1.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 42F3 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/legal1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79a48ca4e0e9b49e2cdf02fb8e1af695c0bcf48508d96aac0a9c0be160f99749
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 13:31:03 GMT
x-content-type-options
nosniff
age
176737
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11631
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 12:36:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 13:31:03 GMT
legal2.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 42F3 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/legal2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52b255c86ae6d99ee7e166fb426b5bd737bd64c166bd7655a6ca995311ebe6f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 23:00:00 GMT
x-content-type-options
nosniff
age
488200
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14104
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 12:36:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Nov 2022 23:00:00 GMT
cta.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 42F3 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f9c986bc677282c44182cc3bfd5b2813607b6b1fd23d6f8d6a9dda208bc480e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 13:31:03 GMT
x-content-type-options
nosniff
age
176737
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1296
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 12:36:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 13:31:03 GMT
cta_2.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 42F3 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/cta_2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ea6cd9c53fbf12ca23803fbc243e351166ca35f12d3d4a00dd978a6000bd673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 23:00:00 GMT
x-content-type-options
nosniff
age
488200
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1316
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 12:36:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Nov 2022 23:00:00 GMT
logo.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 42F3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1323112ac126d2bc27da6f7e045a1f8d06a1dabaad2560ef8e8297cfc9379a2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 23:00:00 GMT
x-content-type-options
nosniff
age
488200
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1756
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 12:36:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Nov 2022 23:00:00 GMT
logo2.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame 42F3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/logo2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbbc45aee6c23f17d07220ede528f0216aaf05b2b6238d47038ab3f9f0a6b374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 13:31:03 GMT
x-content-type-options
nosniff
age
176737
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1990
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 12:36:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 13:31:03 GMT
tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 42F3 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37530
x-xss-protection
0
last-modified
Tue, 06 Sep 2016 20:51:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Nov 2021 14:36:40 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 4186 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
09dd0a7de88fb8cf1c77631b1ad60324ff5f2da818771f4f2a3e7ea9b97ca557

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
88|206|65|81|156|188|111|105
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1476
Expires
Wed, 10 Nov 2021 14:36:40 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:40 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame 410D 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7d098ddd29acb42fcf58a1da8ecf72b8120316914246e17cc01e97384079532e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
206|88|65|81|191|221|46|73
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1673
Expires
Wed, 10 Nov 2021 14:36:40 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:40 GMT
Connection
keep-alive
sync
sync.bfmio.com/ Frame 4369
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=33550408-bd18-4c2e-af2d-417206d04e39
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=33550408-bd18-4c2e-af2d-417206d04e39
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1636554995632
Protocol
HTTP/1.1
Server
34.193.81.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-81-8.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 10 Nov 2021 14:36:39 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=33550408-bd18-4c2e-af2d-417206d04e39
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
sync
sync.bfmio.com/ Frame AB5D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=33550408-bd18-4c2e-af2d-417206d04e39
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=33550408-bd18-4c2e-af2d-417206d04e39
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1636554995486
Protocol
HTTP/1.1
Server
34.193.81.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-81-8.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 10 Nov 2021 14:36:40 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=33550408-bd18-4c2e-af2d-417206d04e39
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
sync
sync.bfmio.com/ Frame 8042
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=33550408-bd18-4c2e-af2d-417206d04e39
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=33550408-bd18-4c2e-af2d-417206d04e39
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1636554995637
Protocol
HTTP/1.1
Server
34.193.81.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-81-8.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 10 Nov 2021 14:36:40 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=33550408-bd18-4c2e-af2d-417206d04e39
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
view
securepubads.g.doubleclick.net/pcs/ Frame 8692 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmg5OgSXVUuanfE_n-1VEd5F-wa3Q3ifQSxIbVsfYYXxX14NJlAlwmbkmM57d0bfWSRT15ZPGuh9OgbY0raDsVTEQ_-CnYFCw53KyHZvPkXgE34PqVj7ujxY6JpoazQJnF4elc4plFGTUNK-M9lbLKGo6lLnudbfqP7Osv7F5zGLGObwhsLRZYF645TTPnKuVzBvVTNcT9FCCP_WA1LbReUaAVr-8I5x9wo3_UtlFFtMiCe6vGc6hNMRjW-Q7eXbvGVUaKwunGuTkiyX0JRLzP3v-eSJnDSDaouHR07SNlBfENmWUsR7rAv3DZWL4&sig=Cg0ArKJSzI-Q9iasIHZUEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 10 Nov 2021 14:36:40 GMT
truncated
/ Frame 8692 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4191024c01e1af1a86d6e45e812ecca69466cda390e1a4e2395f9895812814af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
sync
sync.bfmio.com/ Frame 3CF9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=33550408-bd18-4c2e-af2d-417206d04e39
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=33550408-bd18-4c2e-af2d-417206d04e39
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1636554995493
Protocol
HTTP/1.1
Server
34.193.81.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-81-8.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 10 Nov 2021 14:36:40 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=33550408-bd18-4c2e-af2d-417206d04e39
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
sync
sync.bfmio.com/ Frame 4503
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=33550408-bd18-4c2e-af2d-417206d04e39
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=33550408-bd18-4c2e-af2d-417206d04e39
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1636554995757
Protocol
HTTP/1.1
Server
34.193.81.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-81-8.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 10 Nov 2021 14:36:39 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=33550408-bd18-4c2e-af2d-417206d04e39
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
google
match.adsrvr.org/track/cmf/ Frame 03AB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDqEB2vYu3pPXQF1BUQZUKo&google_cver=1&google_push=AYg5qPJw09VOUGhilTHE61xoRIvDYHeo5X_h2NYW5yGdFELoMMbsfQ2W8TbrKlVkjxhwEigJzWvm-4N0sHGsrTykBaSBnsvCfZaA
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 03AB
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBInnOxKFzIToguie6r9iR8&google_cver=1&google_push=AYg5qPKZAPp3RaUjdXk3W4uOq5LzN16mRAx6VXhlbYysArmme5Spc6Ii14LSGChbz9aFXhoO5ZDinMJEkfdYR9...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPKZAPp3RaUjdXk3W4uOq5LzN16mRAx6VXhlbYysArmme5Spc6Ii14LSGChbz9aFXhoO5ZDinMJEkfdYR9C6kM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPKZAPp3RaUjdXk3W4uOq5LzN16mRAx6VXhlbYysArmme5Spc6Ii14LSGChbz9aFXhoO5ZDinMJEkfdYR9C6kMHTdyn6QImE
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPKZAPp3RaUjdXk3W4uOq5LzN16mRAx6VXhlbYysArmme5Spc6Ii14LSGChbz9aFXhoO5ZDinMJEkfdYR9C6kMHTdyn6QImE
Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 03AB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFP88w5nmRhY0MXZNtnACQg&google_cver=1&google_push=AYg5qPIl9flp8i-9lBrbJNE5UPeHxvafgb8XztJpDIWU1-Hg3EamTxb_9sCard7wStyRznTEJvPITNx7LwN7xgGtQsXT...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=de6d7130-c237-42df-b4e9-b82e73abad79&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL4ZF1dE_OO93PCGNI_K-R63Qtw3oLm12ovMiPRpEPm-qtONJuF6jyokmWTRkvOJfBRUcxhyN7N-jRrNFTOUntOf1KmHo0&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL4ZF1dE_OO93PCGNI_K-R63Qtw3oLm12ovMiPRpEPm-qtONJuF6jyokmWTRkvOJfBRUcxhyN7N-jRrNFTOUntOf1KmHo0&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL4ZF1dE_OO93PCGNI_K-R63Qtw3oLm12ovMiPRpEPm-qtONJuF6jyokmWTRkvOJfBRUcxhyN7N-jRrNFTOUntOf1KmHo0&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Date
Wed, 10 Nov 2021 14:36:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 03AB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LTxYpYDcoInoraqzf1OhTfHxScPPn8XVGd_omb81BE-g
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
pagead2.googlesyndication.com/bg/ Frame C004 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:19:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
1035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13451
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 14:19:25 GMT
mmt.gif
imps.monu.delivery/ 		37 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=a.e&u=mmt-05200a9e-ccdd-448e-94fd-9ec5141ce8b0&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22hard%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.15%22%2C%22refreshCount%22%3A0%2C%22hb_bidder%22%3A%22%22%2C%22monu_df%22%3A%22%22%2C%22ipin%22%3A%22GS86FM-DDP.B%22%2C%22isBackfill%22%3Afalse%2C%22isEmpty%22%3Atrue%2C%22advertiserId%22%3Anull%2C%22sourceAgnosticLineItemId%22%3Anull%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2Farazou-baker-cinderella-role-and-instagram%22%2C%22referer%22%3A%22%22%7D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1685
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C3AE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9s4xoipUvv-b0O3ZNEJw1CQ9Yd3ZQpJZO_ybf0JagFyR30llPMC-0x15fFfGW67WE9vz3FkdV0A881tpUDghtVm7f0W2fFwo1nBkGTEPcrqT9uzrJdY4LkWt7t04aI46Hes5zuNtLUpEzO0QKt5O6rEYnMG-dvaQxofpL0EStVNMeIq66af-T6cTVdTSN0S6Tl9GC4rErQeTatfvU1FcUKATMfEToW_JfQg7V8vZzxIJXsldM9VIuPvjDtxW-atrUudBTUkQZzxvftFENBzfGgqh-fKsEL6zSqt7VaqCCciIM1H6ugd0ix5xQKGw&sig=Cg0ArKJSzBagEHQUoZptEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 10 Nov 2021 14:36:40 GMT
truncated
/ Frame C3AE 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b05e1ea662a3ef3f538da71c8f3e7300e5413c28301f1b36444351420b8f07a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 622E 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssffKUQzCWVRnEJE8TqQPoMgcdRcLhjZ4RYCEiwfpIQVdkKfBdYuoOov7qmkPI_DCd6JiWAdAtgnjZQZj5lCqX-3MstYWPeYrH4MXawN0dURd9CTYK5_xYV35vCJxnwWLwCvtc-OF7BtcB91v_PZYu_T6kEm5K_YyFTxLYOjFEEOm9WareJtJVL4_PbDlPvBK1a30iHwkYXn7hH3FMJ01PzUBSWazLm5fw4KGXA0i7MHyhq3tPpn8P76Qpuh8pUoquuGpnImxZVZI4RGH94YnFr9qshpdTYWomDWd1kxGraeFVbXHvoY7tk1rpu_czRx6DZ499sbclz2BWM4RX5fvjlHNfynCLSq7DWVYpb6ji9u4w6AqVGdAdL61IFHicGfN7wZ6RR8xE5BVB4kYE7PKSff0fxcgKRd5WjgLDEbbVvmka0GM9eWyKTL96EomxgA-DOWpXpvzhrgw2q5e1u5ZhOLgbi-pKuZCWY6DJTTk4k848ORUo8esQfg1KOE6XOIueWM0SBj_wcmpfLkuGDAMAXlggkQuNgg44CEx14kf9-RNCBETQhIMaUaXHbTyhUZpTdQvHW86Q-uWvSjYtkM1-iAcasBPfyJtJKDsvaSsF1zq3At48M7aQpg028sfmCe5YvZbjwoUgxMxGljP_-JiBS1ZRfU5UHYmqcbP2VIQznmDy9GOAWL7y-WW52vTQh6ygs5Cux4ZN0i1rF8DyxsrG0gWt1f_4g3iqNicu1XqsdwKC_LbgHUxd-frs0Fp7dAwYIOk9pCbIR7EA9vbUa_4MNJPb-xB8qJsxIZsuZgqW3zNct9L0fyuYKsWhSYNtI7lE0qULaQlPw0Y9aA4Hu-H-gU9koraKv4oTr4TFBmBLJWbPqdiEgOvIn7vfGPZnSt01zhTR9DYxszbuYozI22V3GogPSirttPFovxBBNETMa68nZv6Cg_htuZJSjOp0q0nvnnWxHL05Ed4XjIh_ZYPME6UYCWNjIRHzPPThuLcKBvUt4tBewaXn9h56-X7JigQkKQNMQevirH8rhcdfEVeZAfoQtbbOpN_qkc9uBkQ_7AYUpjgMnu3ICf3jVcPq2u1lZbw2El3TmqWFrXejn7HXvFPKQ82eCm4ql-DL1xeHjXP9Z3n6kGhayHJssI1yHAIQrN_4heMWkeG74sl25fPKqXJE7BgH9uoy7VUB-_w&sai=AMfl-YR4m3Qclsj40q4f6Auhz-TON8o9SkGQYxdXYap5z2dJMqETO6N6fHcesKcBlPDVycazaG7HbPv8dc0yDp9lOz93p6AmmDJaeKEGVbMqsSO7s-KlcPW6j8EcbutWMlBAqNPXFh6rxhxtysshtGLIg0PqJ7r-a_c_0jkbF5uZJQaJtsCHBJXsFnZQ4gMJ6wYUO-5aqPjy4EUlHCtwJgK-3KcnKbPzSLxltSi9zFHUG1f_L05_pdei-Z65dyWsLoVuRDYrwj6nqxiDOVN8u5Gxt4sRWxnyKGq5FD8F_0k&sig=Cg0ArKJSzFRWVrYL17EHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2915&vt=11&dtpt=2209&dett=3&cstd=703&cisv=r20211108.30171&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
banner
ad2.adfarm1.adition.com/ Frame BB0F 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.adfarm1.adition.com/banner?sid=4603449&adjsver=3&fvers=&iframe=1&ref=https%3A//ans-wer.com/&ro=https%3A//2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/95.0.4638.54%20Safari/537.36&os=17&browser=11&userid=7028950190242595175&kid=4709716&kw=PACS%5F4699120%5F14849423&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqMQ39NiLYbGSKcbr3wPE%2DKioCY6ywoxmsZyzoIoP0K%5Fk1I4qEAEg2NXYK2CVupSCoAegAbXy8pMoyAEJqQL74K4rJGazPqgDAaoE4QFP0OFDoKJBb5EAZE0AUWW0qSm6MQKSAF3xKNsZ74fgJAbk90GQnJIlU940mJKDCxrqPtZKeDYgkqBu5z6BLP%5FbNchTkUKYAWQNdcbr9nmlGAmfVEVImwOTGOzmd11T9Z0j9u25MfvffRq%2DlSuFBo%5FO5T7m302SnQsxDv09WQdpPg5GyzWER5c3PgkBcJb4thgoRnR6uxq6gYFEAE90yzs0bNQzBx2bwm5l5wUz9whuw9y7aKrrIhav2TiVE7BKyd%2DXdpxf2%5FL9drp9u7WtB%2D%2DKdnxbM4YWxPyEp0IiLBcJTXLABNLkxInfA%2DAEA5AGAaAGTYAHtarD8wKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gH89EbqAeW2BuoB6qbsQKoB9%2DfsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU5MTY1NTI4NDc0NTI3NDOACgOYCwHICwGADAGwE%2D60iw3IE4mT1t4D0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoIMuvR8boUwk1slUWWoM00A%26sig%3DAOD64%5F1zU8hjy%2DJry%2D4IywMcCT4URsP2Lw%26client%3Dca%2Dpub%2D3944954862316283%26dbm%5Fc%3DAKAmf%2DBmxdXpBRahsl5PX7Vmd7DlC1fvAU4BeMcUgz%5FHVxzVsLPq5wlzMCBsCpGUEcWQkryCFIhn8wFgTWJ23VLKeyodkgx9c0Vd5xZfta67NNAf2zzokACXwqr2ZHvA%2D3UWm9zjn98zdGmwCYzkejKlBtF%2Dp%5Fy4pA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DC39MuapB0K4iEz2GR25PFWWeHQB8AUGkfGU3Eyobo7WLnfAFNyWR4pyDikng8f3rwHiS7XhBR6U7ywTDVI72m5TKBBDhF6eoJle0Gpp%2DRMVWwK%5FNjwvGxEeV2GoBdl%5FuyfW0o9SxuBe6Ejsptit0XwEbJxc6wxpic6CJxc2uwWHkuc2Bf493f0u4lvDG3e%2DksG1eiAV6MYeLEovd%5FwasJtM5%2DBdwKKHGBa8%5Fer5jHuY85IeuvF%2DOWYJmjQNrUE4nuxFRKhGufianHXbMUG3yLZqadfYqdU%5FY82c2UrekGu1XPfCwfIY4kO8YdkNRaoHU6q6Zu7OwL3gWqlIvjqTOl7rYRHAQl1zfAwTev6GBpj65ov%5F8BlHX7%5F0sMqnvRfVYb5HYotg9QT2VeMobGC7XPqFyHyRSpYLXv8RPEIro3jUlKeHeIaDBlmeRQ3eQYJ40SAMt%5FiPlPpNR1APWkvZC1BvLVccFedirSeZNCMp8CEPba89bQgZm5m5%5F%2D1YZSDrwpIfZUO%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7028950194541625705%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7028950190242595175%2526sid%253D4699120%2526kid%253D4799962%2526bid%253D14849423%2526c%253D22700%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad2.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
3845d13d2d404e02c2ba3ab4e96db61e25b628998d2f72cd856d277def740518

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 15:36:40 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
content-type
text/javascript
expires
Sat, 01 Jan 2000 00:00:00 GMT
csync
sync.adtelligent.com/ Frame CCE3 		0
0
6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
pagead2.googlesyndication.com/bg/ Frame 9187 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:19:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
1035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13451
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 14:19:25 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=a.e&u=mmt-330e9471-5e1b-4650-825c-234a6edc2c08.6&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22hard%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.17%22%2C%22refreshCount%22%3A0%2C%22hb_bidder%22%3A%22%22%2C%22monu_df%22%3A%22%22%2C%22ipin%22%3A%22GS86FM-DDI.A%22%2C%22isBackfill%22%3Afalse%2C%22isEmpty%22%3Atrue%2C%22advertiserId%22%3Anull%2C%22sourceAgnosticLineItemId%22%3Anull%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2Farazou-baker-cinderella-role-and-instagram%22%2C%22referer%22%3A%22%22%7D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1685
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=34d3c603-2eb3-4b41-87c1-3a358e92dc9e&a=a.e&u=mmt-330e9471-5e1b-4650-825c-234a6edc2c08.7&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22hard%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.17%22%2C%22refreshCount%22%3A0%2C%22hb_bidder%22%3A%22%22%2C%22monu_df%22%3A%22%22%2C%22ipin%22%3A%22GS86FM-DDI.A%22%2C%22isBackfill%22%3Afalse%2C%22isEmpty%22%3Atrue%2C%22advertiserId%22%3Anull%2C%22sourceAgnosticLineItemId%22%3Anull%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2Farazou-baker-cinderella-role-and-instagram%22%2C%22referer%22%3A%22%22%7D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:08:35 GMT
age
1685
x-guploader-uploadid
ADPycdsPZK31GLfQiy07ARkK0PB-UOY9l4FJhSyhg2fEmH3km9Btkctw9yPjbjOdmsbYlFZVVIYZDlDT6ryKlPCmmlJ40Zq-hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
cache-control
public, max-age=3600
x-goog-stored-content-length
37
accept-ranges
bytes
content-type
image/gif
expires
Wed, 10 Nov 2021 15:08:35 GMT
khaos.jpg
token.rubiconproject.com/ Frame CB69 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Content-Type
image/jpg
view
googleads4.g.doubleclick.net/pcs/ Frame 9CF2 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss12vjXZh8v9CetKWSujX7pL2k5LNfhXNYZK8_hSp01gpg6HNJtor-y2lU4hVCWp-Dn6qntIXWPtsOGTw2oSchd_25z6V0r4HphC7UKVNHAUl9u7_mN6u5-EGaqV2-kcXuRAcNkdq8wi03B311mDsPoRmLbwV4yRSjZQYy_vjSDzNTlKb4YfB4l9sUqrKh72MNi-5EggV8GXnrhA9ew2qqwqHL6Ykp0jhZ6RFRlEyMACaMPZQyTFkF_DML_66eEyMbm0xv6HMBT-p7hOV4csr34sFvU2Z0m8jyhw5n5mQAwSOMN2dAI4g0ZTBzt7B5UU8ssztqVZXWhkCOSxUgsK3oR9208ey3WLakkp2DOHsXMmhZhkMOmEnrnLW2_WiQy1dA1QkgwHQ1vKVUj7FQwhZ8GcuX57hEduWtaRsWt6ve46bPgP1xuiN4BNjEwfUjGjnEjRt5Dj7eo69XdvlKwmerovHbLQT_vVzggjA6tDEE7aIlkjnHeYUYuLjoh1DKqnOnbNcyqSy7Rl85_DAzxC0Kewr_MutMAQUfDU-GGcHOLJo8PHNoZDC2HViOoZeEgQhf1J42e-y1HFGmkdlAnZS35QuisKZQ28mS_yHzn2_tTV-2doUXgN58xvyEylwv2Dn_HfYf2QMR4-CY4sYtYqQ5GeBlNTEYgYhXwllMRRDI4k-9yzU4HAdpS7JnFHXDs3iE61D-mMOW87K3o6UeUepW5oKfJQusJW-6nyx626LFZ7dy43TdpVn3woqfP6jT4knlwhA8CxCTRkFvuQ0v5XcksqdldItTeTFPdTs1M6ltCdLJts_vRo2Zs1wc2vD1Yg63yhAkJtLhIvvFZTCKDsOn05Wm9cJ43smQs-zNrfeBvihCxzWEK2U7iwjtdV5U6piY-3Tb-IKapG1GTwAIhzoGiMbcIufnZH6EVZZII954bEiZUMJzMIt_eR8w8htPHU1_l3HekrawlkHp1Wpeatwqo8sQiCvGSE9cjBoSadnDcVZJj2R4TrcW6BMjdUlvOHjHQNvDZEzZk5KI9HquZgmK0jc4rLMHQIsq-kRbb0JKIQ8sgs_q1eHMk6Z9vSuXGo9jvaHXxjgjtMJu_BPU-avEako63enFnOrcZA-W_DAauo4nzJpG9O2dHpjfQXhkj_-4NUGgJsZ1Obei8vRalDYMG-n9cgSZfGhyBkQCXIZV_D7qzCt20Lua8VR1XmWHrypfC1hjDOpd26__vsRLV&sai=AMfl-YRWS2hxIMdWgGiCzhc8W1bg_p3tK5n2Di8Dw3Fspny8wtim2SjyFFSTO3GGto3eZoBWumxffXjFwrJV-NafMuyXsGIG3rableLdyQ61wslXbzgVlswdxv5YlQVbLJN-rZUDSQJabPNLJnB59r1tkYyajuEyvITSuocB8Ud34vyLcbo6CS9YAh4RvsgcWb4TwjA8xJxj5YJP6MPP5RMZop6pGvyj2ZN9opOwuF8ho36RYYNh3SRQ1kWJln2QJHCCR6er9vreR1f9VaqxNjenY-9lsN5i9cAzcvdRyl4&sig=Cg0ArKJSzLuX79mZJqbzEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=493&vt=11&dtpt=492&dett=2&cstd=0&cisv=r20211108.09551&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
bg1.jpg
s0.2mdn.net/sadbundle/16017011513840789031/assets/ Frame FEF2 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16017011513840789031/assets/bg1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16017011513840789031/assets/CreativeApiGoogleAdManager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4c70aed8085d619d9af7f6db1fda606952c0d91f0ef8ef7b696d01046622088
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 07:11:35 GMT
x-content-type-options
nosniff
age
545105
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92937
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 15:40:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Nov 2022 07:11:35 GMT
txt_bg.png
s0.2mdn.net/sadbundle/16017011513840789031/assets/ Frame FEF2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16017011513840789031/assets/txt_bg.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16017011513840789031/assets/CreativeApiGoogleAdManager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf6a99b6d467cc7c212e3a51c31f0680b687cae2a4f779c445c6a4fa08415516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 23:04:52 GMT
x-content-type-options
nosniff
age
142308
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3391
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 15:40:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 23:04:52 GMT
txt1_1.png
s0.2mdn.net/sadbundle/16017011513840789031/assets/ Frame FEF2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16017011513840789031/assets/txt1_1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16017011513840789031/assets/CreativeApiGoogleAdManager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9320acf45091cdb30afa1d56caf2563462ef58283c08776d50ef13f4c61d6674
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 02:58:56 GMT
x-content-type-options
nosniff
age
473864
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3759
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 15:40:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 05 Nov 2022 02:58:56 GMT
txt1_2.png
s0.2mdn.net/sadbundle/16017011513840789031/assets/ Frame FEF2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16017011513840789031/assets/txt1_2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16017011513840789031/assets/CreativeApiGoogleAdManager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0df1fa3a8fe00457aae5ab8b71d9820d9884fece5ce191c3c013dda0c97b99e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 12:10:38 GMT
x-content-type-options
nosniff
age
267962
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3824
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 15:40:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 07 Nov 2022 12:10:38 GMT
logo.png
s0.2mdn.net/sadbundle/16017011513840789031/assets/ Frame FEF2 		413 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16017011513840789031/assets/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16017011513840789031/assets/CreativeApiGoogleAdManager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a479f83cca1846bad3c354e5e950e88aab8673168e4d3060a0aa4e5d8f9e0903
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 14:55:11 GMT
x-content-type-options
nosniff
age
517289
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
413
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 15:40:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Nov 2022 14:55:11 GMT
bg2.png
s0.2mdn.net/sadbundle/16017011513840789031/assets/ Frame FEF2 		400 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16017011513840789031/assets/bg2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16017011513840789031/assets/CreativeApiGoogleAdManager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
426112c0482818b20c059d33cc8761e39794c385238fc6f2fb2b9a71f9df7a93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 11:17:21 GMT
x-content-type-options
nosniff
age
271159
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
400
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 15:40:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 07 Nov 2022 11:17:21 GMT
txt2.png
s0.2mdn.net/sadbundle/16017011513840789031/assets/ Frame FEF2 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16017011513840789031/assets/txt2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16017011513840789031/assets/CreativeApiGoogleAdManager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0d354d45b80213322b59985c9beff4f79692ee4d886ba33db26fa750b6bd20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 13:25:13 GMT
x-content-type-options
nosniff
age
522687
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5433
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 15:40:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Nov 2022 13:25:13 GMT
logo2.png
s0.2mdn.net/sadbundle/16017011513840789031/assets/ Frame FEF2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16017011513840789031/assets/logo2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16017011513840789031/assets/CreativeApiGoogleAdManager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7295b4a401c5f29a31b6b7647ac338184b4a70bf11e598e2eb22b2521d22644
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 18:11:05 GMT
x-content-type-options
nosniff
age
159935
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6753
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 15:40:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 18:11:05 GMT
btn_n.png
s0.2mdn.net/sadbundle/16017011513840789031/assets/ Frame FEF2 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16017011513840789031/assets/btn_n.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16017011513840789031/assets/CreativeApiGoogleAdManager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0631e7aa9f75e06d31f440846182256647e04bfb08bdd26271d57a21d0e604a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 23:54:06 GMT
x-content-type-options
nosniff
age
571354
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2522
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 15:40:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Nov 2022 23:54:06 GMT
btn_h.png
s0.2mdn.net/sadbundle/16017011513840789031/assets/ Frame FEF2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16017011513840789031/assets/btn_h.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16017011513840789031/assets/CreativeApiGoogleAdManager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16a27428b6dfaf72e49948fa74b442718ffaed498b7c88f647c8d7a3034ed459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16017011513840789031/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 01:47:41 GMT
x-content-type-options
nosniff
age
478139
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2922
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 15:40:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 05 Nov 2022 01:47:41 GMT
6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
pagead2.googlesyndication.com/bg/ Frame 4820 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:19:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
1035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13451
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 14:19:25 GMT
6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
pagead2.googlesyndication.com/bg/ Frame A93E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:19:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
1035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13451
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 14:19:25 GMT
partner
sync.search.spotxchange.com/ Frame 5FA5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKIFkO56uy6fq6Q8ico2YE0&google_cver=1
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKIFkO56uy6fq6Q8ico2YE0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CODnIhCTpLvQAhio4Kq6ATAB&v=APEucNWVTmZAL1fqrlUQv7ZBesBA39nKZQ8yphpaNtmpSj8DcJ5xPQGGzC7phKIRCeBFcf2o8X1sSDksBoTSC-8RfGxFPl9KQ3J1HuSp_HhpuqGVOFyzjEr82VyYLcVcuVpKZjnshcZc8IgEM-WQSH4bS0iPuKpl3NJFXjA70a14JUg8qJ-DtJQ
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
104
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKIFkO56uy6fq6Q8ico2YE0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5FA5
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTllNDI2NTEtNDIzMy0xMWVjLTljMTktMTk3ZTIyZGYwNTA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTllNDI2NTEtNDIzMy0xMWVjLTljMTktMTk3ZTIyZGYwNTA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CODnIhCTpLvQAhio4Kq6ATAB&v=APEucNWVTmZAL1fqrlUQv7ZBesBA39nKZQ8yphpaNtmpSj8DcJ5xPQGGzC7phKIRCeBFcf2o8X1sSDksBoTSC-8RfGxFPl9KQ3J1HuSp_HhpuqGVOFyzjEr82VyYLcVcuVpKZjnshcZc8IgEM-WQSH4bS0iPuKpl3NJFXjA70a14JUg8qJ-DtJQ
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTllNDI2NTEtNDIzMy0xMWVjLTljMTktMTk3ZTIyZGYwNTA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
135
Connection
keep-alive
Content-Length
0
v1
ads.yahoo.com/cms/ Frame 5FA5 		0
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CODnIhCTpLvQAhio4Kq6ATAB&v=APEucNWVTmZAL1fqrlUQv7ZBesBA39nKZQ8yphpaNtmpSj8DcJ5xPQGGzC7phKIRCeBFcf2o8X1sSDksBoTSC-8RfGxFPl9KQ3J1HuSp_HhpuqGVOFyzjEr82VyYLcVcuVpKZjnshcZc8IgEM-WQSH4bS0iPuKpl3NJFXjA70a14JUg8qJ-DtJQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4C27 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 10 Nov 2021 00:41:17 GMT
expires
Thu, 10 Nov 2022 00:41:17 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
50123
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
match
c1.adform.net/serving/cookie/ Frame A87F 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=2A4C2021-80DF-44D3-9139-A753695F86E7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 10 Nov 2021 14:36:40 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 565A
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6153006215413666020
42 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6153006215413666020
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 10 Nov 2021 14:36:40 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug021:0:441
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6153006215413666020
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 9648
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 10 Nov 2021 14:36:40 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug003:0:324
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Wed, 10 Nov 2021 14:36:40 GMT
server
Kestrel
content-length
0
cache-control
no-cache
pragma
no-cache
expires
Wed, 10 Nov 2021 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
7100805
Pug
simage2.pubmatic.com/AdServer/ Frame 604C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7028950190242595175
42 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7028950190242595175
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 10 Nov 2021 14:36:40 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug016:0:400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Wed, 10 Nov 2021 14:36:40 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7028950190242595175
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B839
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KkwgIYDfRNOROadTaV-G5w%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=45995
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Thu, 11 Nov 2021 03:23:15 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame B839
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d89f618b-d8f3-4600-8acc-223fc44e81b7
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d89f618b-d8f3-4600-8acc-223fc44e81b7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x28 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d89f618b-d8f3-4600-8acc-223fc44e81b7
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 10 Nov 2021 14:36:39 GMT
/
pixel.onaudience.com/ Frame B839
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=2A4C2021-80DF-44D3-9139-A753695F86E7
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=5067b044a5fdb99b07a9b0b64e8178c1
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=5067b044a5fdb99b07a9b0b64e8178c1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
HTTP/1.1
Server
51.222.80.231 , Canada, ASN16276 (OVH, FR),
Reverse DNS
pikafka-4.cloudy.ovh
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Wed, 10 Nov 2021 14:36:41 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=5067b044a5fdb99b07a9b0b64e8178c1
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame B839
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkE0QzIwMjEtODBERi00NEQzLTkxMzktQTc1MzY5NUY4NkU3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:408
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame B839
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE2n0WF0C_OvY5JF2XM82qA&google_cver=1
42 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE2n0WF0C_OvY5JF2XM82qA&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:518
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE2n0WF0C_OvY5JF2XM82qA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame B839 		43 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 09 Nov 2021 14:36:40 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B839
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:551
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x24 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 10 Nov 2021 14:36:39 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B839
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=33550408-bd18-4c2e-af2d-417206d04e39
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=33550408-bd18-4c2e-af2d-417206d04e39
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:480
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=33550408-bd18-4c2e-af2d-417206d04e39
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame B839
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1005411107955032424
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1005411107955032424
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:467
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1005411107955032424
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame B839
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4777276572329354755&gdpr=0&gdpr_consent=
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4777276572329354755&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:591
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:40 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
084e160b-af04-43ca-84fd-7ddca9ddb177
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4777276572329354755&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
p-5aWVS_roA1dVM.gif
pixel.quantserve.com/pixel/ Frame B839 		0
0
SPug
image4.pubmatic.com/AdServer/ Frame B839
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2A4C2021-80DF-44D3-9139-A753695F86E7&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XFNxzC1E2uU_Rxb0bPL93vRIAZ6_ZAc-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XFNxzC1E2uU_Rxb0bPL93vRIAZ6_ZAc-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XFNxzC1E2uU_Rxb0bPL93vRIAZ6_ZAc-~A&gdpr=0&gdpr_consent=
date
Wed, 10 Nov 2021 14:36:40 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
casale
match.adsrvr.org/track/cmf/ Frame 8125 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 8125
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYvY8QGE8OpYyuYAqwdzdQAABIgAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYvY8QGE8OpYyuYAqwdzdQAABIgAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYvY8QGE8OpYyuYAqwdzdQAABIgAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
974XVN20RSPJC9Z8T6F6
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:40 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1JHMYGQ4W5WAC820AN4X
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYvY8QGE8OpYyuYAqwdzdQAABIgAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 8125
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYvY8QGE8OpYyuYAqwdzdQAABIgAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOOrrwq6_9QLaS1KMCpyWO4&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOOrrwq6_9QLaS1KMCpyWO4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:40 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOOrrwq6_9QLaS1KMCpyWO4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 8125 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
bridge
cm.adgrx.com/ Frame 8125 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:40 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-7
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
match
c1.adform.net/serving/cookie/ Frame 8125 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame 8125
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639147000
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639147000
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:40 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639147000
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 8125 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YYvY8QGE8OpYyuYAqwdzdQAA%261160
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:40 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=952
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:52:32 GMT
iframe.html
imagesrv.adition.com/banners/268/00/e2/a3/55/ Frame B74D 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/00/e2/a3/55/iframe.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqMQ39NiLYbGSKcbr3wPE%2DKioCY6ywoxmsZyzoIoP0K%5Fk1I4qEAEg2NXYK2CVupSCoAegAbXy8pMoyAEJqQL74K4rJGazPqgDAaoE4QFP0OFDoKJBb5EAZE0AUWW0qSm6MQKSAF3xKNsZ74fgJAbk90GQnJIlU940mJKDCxrqPtZKeDYgkqBu5z6BLP%5FbNchTkUKYAWQNdcbr9nmlGAmfVEVImwOTGOzmd11T9Z0j9u25MfvffRq%2DlSuFBo%5FO5T7m302SnQsxDv09WQdpPg5GyzWER5c3PgkBcJb4thgoRnR6uxq6gYFEAE90yzs0bNQzBx2bwm5l5wUz9whuw9y7aKrrIhav2TiVE7BKyd%2DXdpxf2%5FL9drp9u7WtB%2D%2DKdnxbM4YWxPyEp0IiLBcJTXLABNLkxInfA%2DAEA5AGAaAGTYAHtarD8wKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gH89EbqAeW2BuoB6qbsQKoB9%2DfsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU5MTY1NTI4NDc0NTI3NDOACgOYCwHICwGADAGwE%2D60iw3IE4mT1t4D0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoIMuvR8boUwk1slUWWoM00A%26sig%3DAOD64%5F1zU8hjy%2DJry%2D4IywMcCT4URsP2Lw%26client%3Dca%2Dpub%2D3944954862316283%26dbm%5Fc%3DAKAmf%2DBmxdXpBRahsl5PX7Vmd7DlC1fvAU4BeMcUgz%5FHVxzVsLPq5wlzMCBsCpGUEcWQkryCFIhn8wFgTWJ23VLKeyodkgx9c0Vd5xZfta67NNAf2zzokACXwqr2ZHvA%2D3UWm9zjn98zdGmwCYzkejKlBtF%2Dp%5Fy4pA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DC39MuapB0K4iEz2GR25PFWWeHQB8AUGkfGU3Eyobo7WLnfAFNyWR4pyDikng8f3rwHiS7XhBR6U7ywTDVI72m5TKBBDhF6eoJle0Gpp%2DRMVWwK%5FNjwvGxEeV2GoBdl%5FuyfW0o9SxuBe6Ejsptit0XwEbJxc6wxpic6CJxc2uwWHkuc2Bf493f0u4lvDG3e%2DksG1eiAV6MYeLEovd%5FwasJtM5%2DBdwKKHGBa8%5Fer5jHuY85IeuvF%2DOWYJmjQNrUE4nuxFRKhGufianHXbMUG3yLZqadfYqdU%5FY82c2UrekGu1XPfCwfIY4kO8YdkNRaoHU6q6Zu7OwL3gWqlIvjqTOl7rYRHAQl1zfAwTev6GBpj65ov%5F8BlHX7%5F0sMqnvRfVYb5HYotg9QT2VeMobGC7XPqFyHyRSpYLXv8RPEIro3jUlKeHeIaDBlmeRQ3eQYJ40SAMt%5FiPlPpNR1APWkvZC1BvLVccFedirSeZNCMp8CEPba89bQgZm5m5%5F%2D1YZSDrwpIfZUO%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7028950194541625705%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7028950190242595175%2526sid%253D4699120%2526kid%253D4799962%2526bid%253D14849423%2526c%253D22700%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7028950203112948952%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7028950190242595175%2526sid%253D4603449%2526kid%253D4709716%2526bid%253D14852949%2526c%253D12065%2526keyword%253DPACS%25255F4699120%25255F14849423%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
cd69b3cbe6762c5d83237b71badcf58c38ed0d9438b4e5aa2ba2fe911b50f740

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

content-type
text/html
accept-ranges
bytes
etag
"2748265662-br"
last-modified
Thu, 28 Oct 2021 12:07:06 GMT
content-length
2820
access-control-allow-origin
*
vary
Accept-Encoding
content-encoding
br
date
Wed, 10 Nov 2021 14:36:40 GMT
oba_priv.sjs
imagesrv.adition.com/banners/270/ Frame BB0F 		2 KB
665 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7028950194541625705&btr=true&pos=top-right&cid=626352&aid=626352
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
f12bbbe604741b1dbe2cb07cd20a0c7950d106315ba2c58accc92e95e6c4e4f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 10 Nov 2021 14:36:40 GMT
content-encoding
br
content-length
605
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B127 		1 KB
792 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 09 Nov 2021 21:11:57 GMT
expires
Wed, 10 Nov 2021 21:11:57 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
62683
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame BB0F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64a59c02a82ca405f242ff05ff357b54565222a87af05d601011f2ad0d285b39

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
YYvY8QGE8OpYyuYAqwdzdQAABIgAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame D68E 		43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YYvY8QGE8OpYyuYAqwdzdQAABIgAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:f879:a4cf:9cbb:9098 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame D68E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:40 GMT

Redirect headers

Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x31 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 10 Nov 2021 14:36:39 GMT
crum
dsum-sec.casalemedia.com/ Frame D68E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGie07DF7IAACh6cQxlxg&expiration=1637764600&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGie07DF7IAACh6cQxlxg&expiration=1637764600&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:40 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGie07DF7IAACh6cQxlxg&expiration=1637764600&gdpr=1
Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum-sec.casalemedia.com/ Frame D68E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7430506455464492218
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7430506455464492218
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:40 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7430506455464492218
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
match
c1.adform.net/serving/cookie/ Frame D68E 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ix
ad4m.at/ad/sim/ Frame D68E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
tpid=YYvY8QGE8OpYyuYAqwdzdQAA%261160
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame D68E
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YYvY8QGE8OpYyuYAqwdzdQAA%261160?gdpr_consent=&us_privacy=&gdpr=1
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYvY8QGE8OpYyuYAqwdzdQAA%261160?gdpr_consent=&us_privacy=&gdpr=1
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYvY8QGE8OpYyuYAqwdzdQAA%261160?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.21.27
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYvY8QGE8OpYyuYAqwdzdQAA%261160?gdpr_consent=&us_privacy=&gdpr=1
cache-control
no-cache
x-server
10.45.21.27
content-length
0
expires
0
113
match.deepintent.com/usersync/ Frame D68E 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
content-length
0
server
a
htw-pixel.gif
js-sec.indexww.com/ht/ Frame D68E 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YYvY8QGE8OpYyuYAqwdzdQAA%261160
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:40 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=952
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:52:32 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=ans-wer.com&sn=&cd4=e765f131-d353-433d-a3c8-d3de632e44c3&cd5=default&ic=0&tgt=0&app=&wi=483&he=272&test=&d36=6.1.2.85&apppkg=&fv=3&proto=https&pid=56ea678d181f46c76f8b45fb&cid=60d442d6d9a5011a64643848&stagid=&stplid=&e=inventory&vi=0&cb=1636555000145
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-232.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
YYvY8QGE8OpYyuYAqwdzdQAABIgAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E3BA 		43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YYvY8QGE8OpYyuYAqwdzdQAABIgAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:f879:a4cf:9cbb:9098 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
rum
dsum-sec.casalemedia.com/ Frame E3BA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7430506455464492218
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7430506455464492218
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:40 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7430506455464492218
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame E3BA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:40 GMT

Redirect headers

Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
MT3 4103 f8fad19 master cdg-pixel-x1 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d89f618b-d8f3-4600-8acc-223fc44e81b7&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 10 Nov 2021 14:36:39 GMT
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame E3BA 		85 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1636555001.744163,VS0,VE89
x-served-by
cache-fra19168-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame E3BA
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:40 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Wed, 10 Nov 2021 14:36:40 GMT
server
nginx/1.20.0
content-length
76
p-Z8PuJEk6U7Hyq.gif
pixel.quantserve.com/pixel/ Frame E3BA 		0
0
113
match.deepintent.com/usersync/ Frame E3BA 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
content-length
0
server
a
ix
ad4m.at/ad/sim/ Frame E3BA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
htw-pixel.gif
js-sec.indexww.com/ht/ Frame E3BA 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YYvY8QGE8OpYyuYAqwdzdQAA%261160
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:40 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=952
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:52:32 GMT
google
match.adsrvr.org/track/cmf/ Frame 9D70 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDqEB2vYu3pPXQF1BUQZUKo&google_cver=1&google_push=AYg5qPKsjbGYKeUvctT3u2I8rt2mGg3WSuUDPixw8yQ58YUZlDH__-AAZGaEuhNkD2OSv15-P431dZHivKnBEA6l_8EBmZe5CN8
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 9D70
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBInnOxKFzIToguie6r9iR8&google_cver=1&google_push=AYg5qPKznSkgStMNHLM403pHA0LC6OSnm-3hnJ9yLeiRFYKMaEC4kUjy1uHmFkeHrHOxOxTppnQLVMturuJh_V...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPKznSkgStMNHLM403pHA0LC6OSnm-3hnJ9yLeiRFYKMaEC4kUjy1uHmFkeHrHOxOxTppnQLVMturuJh_Vyr7A...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPKznSkgStMNHLM403pHA0LC6OSnm-3hnJ9yLeiRFYKMaEC4kUjy1uHmFkeHrHOxOxTppnQLVMturuJh_Vyr7ASSSCI8mUau
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPKznSkgStMNHLM403pHA0LC6OSnm-3hnJ9yLeiRFYKMaEC4kUjy1uHmFkeHrHOxOxTppnQLVMturuJh_Vyr7ASSSCI8mUau
Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 9D70
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFP88w5nmRhY0MXZNtnACQg&google_cver=1&google_push=AYg5qPJjq2wQRy7qUJmzliZJUaqwoALgwYOeV3UnDmU3shlMGLMmISX2NJwV9AkAXMzYYIUvjsDEusu2FPtlL4mjHvgu...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJjq2wQRy7qUJmzliZJUaqwoALgwYOeV3UnDmU3shlMGLMmISX2NJwV9AkAXMzYYIUvjsDEusu2FPtlL4mjHvguKCpN01Q&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJjq2wQRy7qUJmzliZJUaqwoALgwYOeV3UnDmU3shlMGLMmISX2NJwV9AkAXMzYYIUvjsDEusu2FPtlL4mjHvguKCpN01Q&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJjq2wQRy7qUJmzliZJUaqwoALgwYOeV3UnDmU3shlMGLMmISX2NJwV9AkAXMzYYIUvjsDEusu2FPtlL4mjHvguKCpN01Q&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Date
Wed, 10 Nov 2021 14:36:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 9D70 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Km47neLp5Jz7hGamcaHlgOYmWpDo1oKKjES1lEsDf3FA
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame C263 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssDloK_CFSaO8My458On2BPqtCASUEgeXUQGNKQ2xSmlAkYL_vLGZAsqWEy6OwFEvIJli8e0E8OJSqm6dgduI_MdO0sgfUx_dZ0FtwnN2U5v0Fwm98JnK5b9M4h-yKMsUgDLbwcCWYuBXNmguR27ZGwFQrFQmXjpfop4muJsDy3T-07VRH9YM-_-j_hEfwJPF5-4XAzHsFluG0Eu5QbwlO6UiayYyrJRQXSuFWyeQfpQWQsdFz2C9Lrv8A8NXcivkra_bPe9Zf_Yl5lDxNR9AD-HUScqdgYNtfzAHGfniihfeeagB4qKSdZktE1yUeo8nw7f83PEVR4msuChp5vWy03tKx9jcDKFTxuT2xghI_W9WiIVrmjJnHBlLm97zNASiHLlCAefELiJEcTX1j2TE8gflETvX7YBmdLOSZmPvQEqENhCZ_XOIfo4k2LXalt9tXW-flj-_A4BGA8cvyz2pW6q2pIMcBNdaEPN9wW8Fw37vWlViCmxS4CZO-kYT4oiht-oDYXeD-tGaP0QgOqxPYpISoH3pHLa7nMXdVr0_Z0Y3wagaGNSiVfdCNIH8cvdjuJPmMXaFOls8Cn8XVf7ft6LDIuPpTzNy4d46WV-ADgIv0VwFdZ0uSGGXvKMOtjbjeBJ524pvmD26FZGt3CNPYq3d9WzDDdkvA0E191xiiTwL6F9LNGJ_nKWA5CafkxtCvVaLjB0Ka2W41GAf_n13PrXSlrsm_k_YIehyvzSZ5g4Th0SvyzTTE1epGP_nuNSWlcFW6I8j5YqAUZkhNarMzsUIt6g1LAqz08xqF21vxzvwntyw6C7DkgnFAJmxqzQ2yrsksnbCjFXwBwVlPuBjCbfAzfuXU5CJp_N7HoCHn3A_hKL4CWtNSKtfqCe0CHFhif-gPR_lkup9N-bK7TKLnTDvPOdL5_8KoNr5RnHo59X8Lh9F9-08nTlKwUeSW6YOwjCxC9QAFFVzZOhbpFD6yhi6fJbdsH6PDjtrYrKUDwOFdZkMpJf5CV9q1VufQHGJi01tcSa-2L37lAaSbNiGxOv0qIykMbLTrod23b3SK5uJVDT6i-dFPuhxBmgSQRKWly7kCDgR2f-PnsZea6OMwwu62oYd0FTWgVBdhb7e1XEqJpfRzXbItqN8svDDWif4oZ_0GhUVbiGVCW_bZMmIeXPLxU1YRD_KLXAAIw1XK3jdFe0ysy2qW6ByhvT9rtWqXe4L3wDg&sai=AMfl-YR6Q2FzCi6AhrX9bWKrCgaFmbTRBd3KOvt2LDUcOYvNCRg4FFy448DV_zjXW61SUZ0Poe-NxLGoI2fPS3oj-0TsNXghrYBEDIEsB-yMcQZOhg9M51j-teuwDriTq1T4DXt3y9QzM3oiMvxlG35CYbovGkyvsQ&sig=Cg0ArKJSzOWhTJVAzrvTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2207&vt=11&dtpt=1510&dett=3&cstd=696&cisv=r20211108.48161&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sync
ups.analytics.yahoo.com/ups/55940/ Frame 410D 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YYvY8QGE8OpYyuYAqwdzdQAABIgAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 410D 		85 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1636555001.581363,VS0,VE90
x-served-by
cache-fra19168-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
rum
dsum.casalemedia.com/ Frame 410D
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636641400&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636641400&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:40 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636641400&gdpr=1
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
p-Z8PuJEk6U7Hyq.gif
pixel.quantserve.com/pixel/ Frame 410D 		0
0
index
dmp.brand-display.com/cm/api/ Frame 410D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
tpid=YYvY8QGE8OpYyuYAqwdzdQAA%261160
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 410D
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YYvY8QGE8OpYyuYAqwdzdQAA%261160?gdpr_consent=&us_privacy=&gdpr=1
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYvY8QGE8OpYyuYAqwdzdQAA%261160?gdpr_consent=&us_privacy=&gdpr=1
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYvY8QGE8OpYyuYAqwdzdQAA%261160?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.4.232
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YYvY8QGE8OpYyuYAqwdzdQAA%261160?gdpr_consent=&us_privacy=&gdpr=1
cache-control
no-cache
x-server
10.45.20.188
content-length
0
expires
0
getuid
secure.adnxs.com/ Frame 410D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
YYvY8QGE8OpYyuYAqwdzdQAABIgAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 410D 		43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YYvY8QGE8OpYyuYAqwdzdQAABIgAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:f879:a4cf:9cbb:9098 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 410D 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YYvY8QGE8OpYyuYAqwdzdQAA%261160
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:40 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=952
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:52:32 GMT
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 4186 		85 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1636555001.582576,VS0,VE92
x-served-by
cache-fra19168-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
sync
ups.analytics.yahoo.com/ups/55940/ Frame 4186 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YYvY8QGE8OpYyuYAqwdzdQAABIgAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum.casalemedia.com/ Frame 4186
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636641400&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636641400&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:41 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636641400&gdpr=1
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
p-Z8PuJEk6U7Hyq.gif
pixel.quantserve.com/pixel/ Frame 4186 		0
0
cookiesync
bttrack.com/pixel/ Frame 4186 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

X-ServerName
Track002-dc3
Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:39 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
CookieIndex
rtb.adentifi.com/ Frame 4186 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.128.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-128-104.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
match
c1.adform.net/serving/cookie/ Frame 4186 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 4186
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:40 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Wed, 10 Nov 2021 14:36:40 GMT
server
nginx/1.20.0
content-length
76
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 4186 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YYvY8QGE8OpYyuYAqwdzdQAA%261160
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:40 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=952
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:52:32 GMT
google
match.adsrvr.org/track/cmf/ Frame 28E3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDqEB2vYu3pPXQF1BUQZUKo&google_cver=1&google_push=AYg5qPJUOyppwLnX9mkw2g04MbO2KUyi8fXPWbrG3vnlQ4gia7E986WtsJAmEZZH4BwwJoej_1J5Vzxe-VlTPYoWFg1JP0_GiBE
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 28E3
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBInnOxKFzIToguie6r9iR8&google_cver=1&google_push=AYg5qPI-IjngZbkF3V9qqyfibOMnLGI-sTyRIKWROHKFE5_OneMz3Vq8XidIkNGwKbdnhsUo9qivIdYs8ar7qc...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPI-IjngZbkF3V9qqyfibOMnLGI-sTyRIKWROHKFE5_OneMz3Vq8XidIkNGwKbdnhsUo9qivIdYs8ar7qc0XPX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPI-IjngZbkF3V9qqyfibOMnLGI-sTyRIKWROHKFE5_OneMz3Vq8XidIkNGwKbdnhsUo9qivIdYs8ar7qc0XPX5s_6xp7l8
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPI-IjngZbkF3V9qqyfibOMnLGI-sTyRIKWROHKFE5_OneMz3Vq8XidIkNGwKbdnhsUo9qivIdYs8ar7qc0XPX5s_6xp7l8
Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 28E3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFP88w5nmRhY0MXZNtnACQg&google_cver=1&google_push=AYg5qPLedD1qGUqJRIFjP2UkqWIDJ_lcs-walj2sHGecVq55l_yLiIRv-wwa5SiySwg0ugiwTOi2E3-kSzKwPvEs5mfm...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLedD1qGUqJRIFjP2UkqWIDJ_lcs-walj2sHGecVq55l_yLiIRv-wwa5SiySwg0ugiwTOi2E3-kSzKwPvEs5mfmW5Az3gI&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLedD1qGUqJRIFjP2UkqWIDJ_lcs-walj2sHGecVq55l_yLiIRv-wwa5SiySwg0ugiwTOi2E3-kSzKwPvEs5mfmW5Az3gI&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLedD1qGUqJRIFjP2UkqWIDJ_lcs-walj2sHGecVq55l_yLiIRv-wwa5SiySwg0ugiwTOi2E3-kSzKwPvEs5mfmW5Az3gI&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Date
Wed, 10 Nov 2021 14:36:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 28E3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KM8GbB4suKLmnb8Rxqq5nVQ_7ZcivKU6DTXSZgYY5EFQ
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7AA6 		1 KB
787 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 09 Nov 2021 21:11:57 GMT
expires
Wed, 10 Nov 2021 21:11:57 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
62683
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 9CF2 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
535693cceafe51063b82e82fb90bac0276df1a09d9e2e19ec07083094f6188f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
google
match.adsrvr.org/track/cmf/ Frame A309 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDqEB2vYu3pPXQF1BUQZUKo&google_cver=1&google_push=AYg5qPIPfIZosrh3MgfJ8HDwoHsDV9VtYvSpKqmHggZ-oUFDt7Ti_cVDcuYHRuhEfgytxJOcwwR29S9jIr8eIaZbdxrmf67qi4g
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame A309
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBInnOxKFzIToguie6r9iR8&google_cver=1&google_push=AYg5qPJJdQiz9glvOv1EQyXcssJsWVNDx6ii9u9U8OLgZVSzoxveuSkkuOsuuxcQGRsqsIzcDCaID9vFB4z2dX...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPJJdQiz9glvOv1EQyXcssJsWVNDx6ii9u9U8OLgZVSzoxveuSkkuOsuuxcQGRsqsIzcDCaID9vFB4z2dXKpor...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPJJdQiz9glvOv1EQyXcssJsWVNDx6ii9u9U8OLgZVSzoxveuSkkuOsuuxcQGRsqsIzcDCaID9vFB4z2dXKporGTqfRNo7I
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPJJdQiz9glvOv1EQyXcssJsWVNDx6ii9u9U8OLgZVSzoxveuSkkuOsuuxcQGRsqsIzcDCaID9vFB4z2dXKporGTqfRNo7I
Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame A309
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFP88w5nmRhY0MXZNtnACQg&google_cver=1&google_push=AYg5qPJ8zzdmKmq2J-40mH15OLx3D7DJFRDiE2M65Knc9f74goZqLSIZonokBufDEB-JHtSrQQDv-aVnhdT7gP-lZuiS...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJ8zzdmKmq2J-40mH15OLx3D7DJFRDiE2M65Knc9f74goZqLSIZonokBufDEB-JHtSrQQDv-aVnhdT7gP-lZuiSnG4LMHM&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJ8zzdmKmq2J-40mH15OLx3D7DJFRDiE2M65Knc9f74goZqLSIZonokBufDEB-JHtSrQQDv-aVnhdT7gP-lZuiSnG4LMHM&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJ8zzdmKmq2J-40mH15OLx3D7DJFRDiE2M65Knc9f74goZqLSIZonokBufDEB-JHtSrQQDv-aVnhdT7gP-lZuiSnG4LMHM&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Date
Wed, 10 Nov 2021 14:36:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame A309 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IF3IKVcGUCWnRIojNlZDWuXbinNnurEN0xHP1HW31gPQ
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
cs&eq_cc=1
um2.eqads.com/um/ Frame 08A9
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ans-wer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.142.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-142-27.compute-1.amazonaws.com
Software
/
Resource Hash
e8c28a4cb9cba13c5b240a3eba5ed8b58254fc98ac1794048675109bcd403d3c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Wed, 10 Nov 2021 14:36:41 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Wed, 10 Nov 2021 14:36:41 GMT
pragma
no-cache

Redirect headers

date
Wed, 10 Nov 2021 14:36:40 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
/
premiumsrv.aniview.com/api/adserver/tag/ 		28 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://premiumsrv.aniview.com/api/adserver/tag/?VERSION=4.95.3&AV_PAGE_LOAD_UID=e765f131-d353-433d-a3c8-d3de632e44c3&AV_CDIM4=e765f131-d353-433d-a3c8-d3de632e44c3&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_sd%2Fv1490095101%2Flandscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=60d442d6d9a5011a64643848&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=ans-wer.com&AV_DADPOS=3&d36=6.1.2.85&responsive=1&sver=1&avtoken=144&AV_WIDTH=483&AV_HEIGHT=272&AV_DNT=0&cb=1636555000338
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.235.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-235-47.compute-1.amazonaws.com
Software
/
Resource Hash
93e956ec1072bd2963c9bb773b431d0404e7bce62a33152570cc2a155cb83302

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:41 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Sat, 30 Oct 2021 00:50:01 GMT
PKewM26kLODaNdHJeztli2HIaAargm3n3PT4NR3k75M.js
pagead2.googlesyndication.com/bg/ Frame 9895 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PKewM26kLODaNdHJeztli2HIaAargm3n3PT4NR3k75M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ca7b0336ea42ce0da35d1c97b3b658b61c86806ab826de7dcf4f8351de4ef93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 13:16:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
4816
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13295
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 13:16:24 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2F50 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 10 Nov 2021 00:41:17 GMT
expires
Thu, 10 Nov 2022 00:41:17 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
50123
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
pagead2.googlesyndication.com/bg/ Frame 7DD1 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:19:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
1035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13451
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 14:19:25 GMT
google
match.adsrvr.org/track/cmf/ Frame E7DD 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDqEB2vYu3pPXQF1BUQZUKo&google_cver=1&google_push=AYg5qPLAKaT7NYoxxwuTeqWpq9ymTVt4N-SmETV3Nu9ywwZf6qM8L7BlXiiuIpQH-WiZmsLdNHbGS1qfHAnQMMIVDiszrM3xWi0
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame E7DD
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBInnOxKFzIToguie6r9iR8&google_cver=1&google_push=AYg5qPLcW3qjB7dzGJnLDF-lDZ_6AQIjpGrX16b7W9BwD7JhSgFeo0zx808dbm-mR_uYPemsKNb1ovlISJ2xIg...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPLcW3qjB7dzGJnLDF-lDZ_6AQIjpGrX16b7W9BwD7JhSgFeo0zx808dbm-mR_uYPemsKNb1ovlISJ2xIgMvIz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPLcW3qjB7dzGJnLDF-lDZ_6AQIjpGrX16b7W9BwD7JhSgFeo0zx808dbm-mR_uYPemsKNb1ovlISJ2xIgMvIz1DFzu41w
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPLcW3qjB7dzGJnLDF-lDZ_6AQIjpGrX16b7W9BwD7JhSgFeo0zx808dbm-mR_uYPemsKNb1ovlISJ2xIgMvIz1DFzu41w
Date
Wed, 10 Nov 2021 14:36:40 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame E7DD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFP88w5nmRhY0MXZNtnACQg&google_cver=1&google_push=AYg5qPL4ZF1dE_OO93PCGNI_K-R63Qtw3oLm12ovMiPRpEPm-qtONJuF6jyokmWTRkvOJfBRUcxhyN7N-jRrNFTOUntO...
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=7e1f55f9-aa7c-42d9-8550-d757745cea49
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=7e1f55f9-aa7c-42d9-8550-d757745cea49
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=0122f085-b10c-42c0-a3c6-ce5b1898f89c&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI7AwSswaDh4QBi6GCC_W8yH2kY9IGetEY2RdlVSaF4VOjvIVVXBbi_LTw4o4S-lcQvY322bmESTVJ0YgnkeZPa42Kg6akw&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI7AwSswaDh4QBi6GCC_W8yH2kY9IGetEY2RdlVSaF4VOjvIVVXBbi_LTw4o4S-lcQvY322bmESTVJ0YgnkeZPa42Kg6akw&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI7AwSswaDh4QBi6GCC_W8yH2kY9IGetEY2RdlVSaF4VOjvIVVXBbi_LTw4o4S-lcQvY322bmESTVJ0YgnkeZPa42Kg6akw&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Date
Wed, 10 Nov 2021 14:36:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame E7DD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L6jrTE-RQy_L0iUyTKBZtNlHggUzvQvQdUBX_6s7klkQ
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
AditionH5_ClickTags.js
imagesrv.adition.com/js/ Frame B74D 		753 B
447 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/00/e2/a3/55/iframe.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqMQ39NiLYbGSKcbr3wPE%2DKioCY6ywoxmsZyzoIoP0K%5Fk1I4qEAEg2NXYK2CVupSCoAegAbXy8pMoyAEJqQL74K4rJGazPqgDAaoE4QFP0OFDoKJBb5EAZE0AUWW0qSm6MQKSAF3xKNsZ74fgJAbk90GQnJIlU940mJKDCxrqPtZKeDYgkqBu5z6BLP%5FbNchTkUKYAWQNdcbr9nmlGAmfVEVImwOTGOzmd11T9Z0j9u25MfvffRq%2DlSuFBo%5FO5T7m302SnQsxDv09WQdpPg5GyzWER5c3PgkBcJb4thgoRnR6uxq6gYFEAE90yzs0bNQzBx2bwm5l5wUz9whuw9y7aKrrIhav2TiVE7BKyd%2DXdpxf2%5FL9drp9u7WtB%2D%2DKdnxbM4YWxPyEp0IiLBcJTXLABNLkxInfA%2DAEA5AGAaAGTYAHtarD8wKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gH89EbqAeW2BuoB6qbsQKoB9%2DfsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU5MTY1NTI4NDc0NTI3NDOACgOYCwHICwGADAGwE%2D60iw3IE4mT1t4D0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoIMuvR8boUwk1slUWWoM00A%26sig%3DAOD64%5F1zU8hjy%2DJry%2D4IywMcCT4URsP2Lw%26client%3Dca%2Dpub%2D3944954862316283%26dbm%5Fc%3DAKAmf%2DBmxdXpBRahsl5PX7Vmd7DlC1fvAU4BeMcUgz%5FHVxzVsLPq5wlzMCBsCpGUEcWQkryCFIhn8wFgTWJ23VLKeyodkgx9c0Vd5xZfta67NNAf2zzokACXwqr2ZHvA%2D3UWm9zjn98zdGmwCYzkejKlBtF%2Dp%5Fy4pA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DC39MuapB0K4iEz2GR25PFWWeHQB8AUGkfGU3Eyobo7WLnfAFNyWR4pyDikng8f3rwHiS7XhBR6U7ywTDVI72m5TKBBDhF6eoJle0Gpp%2DRMVWwK%5FNjwvGxEeV2GoBdl%5FuyfW0o9SxuBe6Ejsptit0XwEbJxc6wxpic6CJxc2uwWHkuc2Bf493f0u4lvDG3e%2DksG1eiAV6MYeLEovd%5FwasJtM5%2DBdwKKHGBa8%5Fer5jHuY85IeuvF%2DOWYJmjQNrUE4nuxFRKhGufianHXbMUG3yLZqadfYqdU%5FY82c2UrekGu1XPfCwfIY4kO8YdkNRaoHU6q6Zu7OwL3gWqlIvjqTOl7rYRHAQl1zfAwTev6GBpj65ov%5F8BlHX7%5F0sMqnvRfVYb5HYotg9QT2VeMobGC7XPqFyHyRSpYLXv8RPEIro3jUlKeHeIaDBlmeRQ3eQYJ40SAMt%5FiPlPpNR1APWkvZC1BvLVccFedirSeZNCMp8CEPba89bQgZm5m5%5F%2D1YZSDrwpIfZUO%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7028950194541625705%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7028950190242595175%2526sid%253D4699120%2526kid%253D4799962%2526bid%253D14849423%2526c%253D22700%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7028950203112948952%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7028950190242595175%2526sid%253D4603449%2526kid%253D4709716%2526bid%253D14852949%2526c%253D12065%2526keyword%253DPACS%25255F4699120%25255F14849423%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/00/e2/a3/55/iframe.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqMQ39NiLYbGSKcbr3wPE%2DKioCY6ywoxmsZyzoIoP0K%5Fk1I4qEAEg2NXYK2CVupSCoAegAbXy8pMoyAEJqQL74K4rJGazPqgDAaoE4QFP0OFDoKJBb5EAZE0AUWW0qSm6MQKSAF3xKNsZ74fgJAbk90GQnJIlU940mJKDCxrqPtZKeDYgkqBu5z6BLP%5FbNchTkUKYAWQNdcbr9nmlGAmfVEVImwOTGOzmd11T9Z0j9u25MfvffRq%2DlSuFBo%5FO5T7m302SnQsxDv09WQdpPg5GyzWER5c3PgkBcJb4thgoRnR6uxq6gYFEAE90yzs0bNQzBx2bwm5l5wUz9whuw9y7aKrrIhav2TiVE7BKyd%2DXdpxf2%5FL9drp9u7WtB%2D%2DKdnxbM4YWxPyEp0IiLBcJTXLABNLkxInfA%2DAEA5AGAaAGTYAHtarD8wKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gH89EbqAeW2BuoB6qbsQKoB9%2DfsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU5MTY1NTI4NDc0NTI3NDOACgOYCwHICwGADAGwE%2D60iw3IE4mT1t4D0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoIMuvR8boUwk1slUWWoM00A%26sig%3DAOD64%5F1zU8hjy%2DJry%2D4IywMcCT4URsP2Lw%26client%3Dca%2Dpub%2D3944954862316283%26dbm%5Fc%3DAKAmf%2DBmxdXpBRahsl5PX7Vmd7DlC1fvAU4BeMcUgz%5FHVxzVsLPq5wlzMCBsCpGUEcWQkryCFIhn8wFgTWJ23VLKeyodkgx9c0Vd5xZfta67NNAf2zzokACXwqr2ZHvA%2D3UWm9zjn98zdGmwCYzkejKlBtF%2Dp%5Fy4pA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DC39MuapB0K4iEz2GR25PFWWeHQB8AUGkfGU3Eyobo7WLnfAFNyWR4pyDikng8f3rwHiS7XhBR6U7ywTDVI72m5TKBBDhF6eoJle0Gpp%2DRMVWwK%5FNjwvGxEeV2GoBdl%5FuyfW0o9SxuBe6Ejsptit0XwEbJxc6wxpic6CJxc2uwWHkuc2Bf493f0u4lvDG3e%2DksG1eiAV6MYeLEovd%5FwasJtM5%2DBdwKKHGBa8%5Fer5jHuY85IeuvF%2DOWYJmjQNrUE4nuxFRKhGufianHXbMUG3yLZqadfYqdU%5FY82c2UrekGu1XPfCwfIY4kO8YdkNRaoHU6q6Zu7OwL3gWqlIvjqTOl7rYRHAQl1zfAwTev6GBpj65ov%5F8BlHX7%5F0sMqnvRfVYb5HYotg9QT2VeMobGC7XPqFyHyRSpYLXv8RPEIro3jUlKeHeIaDBlmeRQ3eQYJ40SAMt%5FiPlPpNR1APWkvZC1BvLVccFedirSeZNCMp8CEPba89bQgZm5m5%5F%2D1YZSDrwpIfZUO%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7028950194541625705%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7028950190242595175%2526sid%253D4699120%2526kid%253D4799962%2526bid%253D14849423%2526c%253D22700%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7028950203112948952%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7028950190242595175%2526sid%253D4603449%2526kid%253D4709716%2526bid%253D14852949%2526c%253D12065%2526keyword%253DPACS%25255F4699120%25255F14849423%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:41 GMT
content-encoding
br
last-modified
Thu, 20 Aug 2020 14:03:40 GMT
etag
"1134380014-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
330
db2bc06cd9b2d3eba01db6ec5a86133e.js
imagesrv.adition.com/banners/268/00/e2/a3/55/ Frame B74D 		74 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/268/00/e2/a3/55/db2bc06cd9b2d3eba01db6ec5a86133e.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/00/e2/a3/55/iframe.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqMQ39NiLYbGSKcbr3wPE%2DKioCY6ywoxmsZyzoIoP0K%5Fk1I4qEAEg2NXYK2CVupSCoAegAbXy8pMoyAEJqQL74K4rJGazPqgDAaoE4QFP0OFDoKJBb5EAZE0AUWW0qSm6MQKSAF3xKNsZ74fgJAbk90GQnJIlU940mJKDCxrqPtZKeDYgkqBu5z6BLP%5FbNchTkUKYAWQNdcbr9nmlGAmfVEVImwOTGOzmd11T9Z0j9u25MfvffRq%2DlSuFBo%5FO5T7m302SnQsxDv09WQdpPg5GyzWER5c3PgkBcJb4thgoRnR6uxq6gYFEAE90yzs0bNQzBx2bwm5l5wUz9whuw9y7aKrrIhav2TiVE7BKyd%2DXdpxf2%5FL9drp9u7WtB%2D%2DKdnxbM4YWxPyEp0IiLBcJTXLABNLkxInfA%2DAEA5AGAaAGTYAHtarD8wKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gH89EbqAeW2BuoB6qbsQKoB9%2DfsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU5MTY1NTI4NDc0NTI3NDOACgOYCwHICwGADAGwE%2D60iw3IE4mT1t4D0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoIMuvR8boUwk1slUWWoM00A%26sig%3DAOD64%5F1zU8hjy%2DJry%2D4IywMcCT4URsP2Lw%26client%3Dca%2Dpub%2D3944954862316283%26dbm%5Fc%3DAKAmf%2DBmxdXpBRahsl5PX7Vmd7DlC1fvAU4BeMcUgz%5FHVxzVsLPq5wlzMCBsCpGUEcWQkryCFIhn8wFgTWJ23VLKeyodkgx9c0Vd5xZfta67NNAf2zzokACXwqr2ZHvA%2D3UWm9zjn98zdGmwCYzkejKlBtF%2Dp%5Fy4pA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DC39MuapB0K4iEz2GR25PFWWeHQB8AUGkfGU3Eyobo7WLnfAFNyWR4pyDikng8f3rwHiS7XhBR6U7ywTDVI72m5TKBBDhF6eoJle0Gpp%2DRMVWwK%5FNjwvGxEeV2GoBdl%5FuyfW0o9SxuBe6Ejsptit0XwEbJxc6wxpic6CJxc2uwWHkuc2Bf493f0u4lvDG3e%2DksG1eiAV6MYeLEovd%5FwasJtM5%2DBdwKKHGBa8%5Fer5jHuY85IeuvF%2DOWYJmjQNrUE4nuxFRKhGufianHXbMUG3yLZqadfYqdU%5FY82c2UrekGu1XPfCwfIY4kO8YdkNRaoHU6q6Zu7OwL3gWqlIvjqTOl7rYRHAQl1zfAwTev6GBpj65ov%5F8BlHX7%5F0sMqnvRfVYb5HYotg9QT2VeMobGC7XPqFyHyRSpYLXv8RPEIro3jUlKeHeIaDBlmeRQ3eQYJ40SAMt%5FiPlPpNR1APWkvZC1BvLVccFedirSeZNCMp8CEPba89bQgZm5m5%5F%2D1YZSDrwpIfZUO%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7028950194541625705%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7028950190242595175%2526sid%253D4699120%2526kid%253D4799962%2526bid%253D14849423%2526c%253D22700%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7028950203112948952%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7028950190242595175%2526sid%253D4603449%2526kid%253D4709716%2526bid%253D14852949%2526c%253D12065%2526keyword%253DPACS%25255F4699120%25255F14849423%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
4c3895157263cf87ac3eb3c833cc92e184573ef6785aa29a73d7deccc43360c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/00/e2/a3/55/iframe.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqMQ39NiLYbGSKcbr3wPE%2DKioCY6ywoxmsZyzoIoP0K%5Fk1I4qEAEg2NXYK2CVupSCoAegAbXy8pMoyAEJqQL74K4rJGazPqgDAaoE4QFP0OFDoKJBb5EAZE0AUWW0qSm6MQKSAF3xKNsZ74fgJAbk90GQnJIlU940mJKDCxrqPtZKeDYgkqBu5z6BLP%5FbNchTkUKYAWQNdcbr9nmlGAmfVEVImwOTGOzmd11T9Z0j9u25MfvffRq%2DlSuFBo%5FO5T7m302SnQsxDv09WQdpPg5GyzWER5c3PgkBcJb4thgoRnR6uxq6gYFEAE90yzs0bNQzBx2bwm5l5wUz9whuw9y7aKrrIhav2TiVE7BKyd%2DXdpxf2%5FL9drp9u7WtB%2D%2DKdnxbM4YWxPyEp0IiLBcJTXLABNLkxInfA%2DAEA5AGAaAGTYAHtarD8wKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gH89EbqAeW2BuoB6qbsQKoB9%2DfsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU5MTY1NTI4NDc0NTI3NDOACgOYCwHICwGADAGwE%2D60iw3IE4mT1t4D0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoIMuvR8boUwk1slUWWoM00A%26sig%3DAOD64%5F1zU8hjy%2DJry%2D4IywMcCT4URsP2Lw%26client%3Dca%2Dpub%2D3944954862316283%26dbm%5Fc%3DAKAmf%2DBmxdXpBRahsl5PX7Vmd7DlC1fvAU4BeMcUgz%5FHVxzVsLPq5wlzMCBsCpGUEcWQkryCFIhn8wFgTWJ23VLKeyodkgx9c0Vd5xZfta67NNAf2zzokACXwqr2ZHvA%2D3UWm9zjn98zdGmwCYzkejKlBtF%2Dp%5Fy4pA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DC39MuapB0K4iEz2GR25PFWWeHQB8AUGkfGU3Eyobo7WLnfAFNyWR4pyDikng8f3rwHiS7XhBR6U7ywTDVI72m5TKBBDhF6eoJle0Gpp%2DRMVWwK%5FNjwvGxEeV2GoBdl%5FuyfW0o9SxuBe6Ejsptit0XwEbJxc6wxpic6CJxc2uwWHkuc2Bf493f0u4lvDG3e%2DksG1eiAV6MYeLEovd%5FwasJtM5%2DBdwKKHGBa8%5Fer5jHuY85IeuvF%2DOWYJmjQNrUE4nuxFRKhGufianHXbMUG3yLZqadfYqdU%5FY82c2UrekGu1XPfCwfIY4kO8YdkNRaoHU6q6Zu7OwL3gWqlIvjqTOl7rYRHAQl1zfAwTev6GBpj65ov%5F8BlHX7%5F0sMqnvRfVYb5HYotg9QT2VeMobGC7XPqFyHyRSpYLXv8RPEIro3jUlKeHeIaDBlmeRQ3eQYJ40SAMt%5FiPlPpNR1APWkvZC1BvLVccFedirSeZNCMp8CEPba89bQgZm5m5%5F%2D1YZSDrwpIfZUO%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7028950194541625705%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7028950190242595175%2526sid%253D4699120%2526kid%253D4799962%2526bid%253D14849423%2526c%253D22700%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7028950203112948952%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7028950190242595175%2526sid%253D4603449%2526kid%253D4709716%2526bid%253D14852949%2526c%253D12065%2526keyword%253DPACS%25255F4699120%25255F14849423%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:41 GMT
content-encoding
br
last-modified
Mon, 18 Oct 2021 13:00:25 GMT
etag
"2747700847-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
16839
user
ads3.admatic.com.tr/ Frame 1F44
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=admatic&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=33550408-bd18-4c2e-af2d-417206d04e39&expires=30&ssp=admatic&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
35 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:40 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
adplayer_privacy.sjs
imagesrv.adition.com/js/adplayer/ Frame BB0F 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7028950194541625705&title=Performance+Advertising&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=http%3A%2F%2Fwww.performance-advertising.de%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
9f52bedb3e9cd413a96005f677068683e1767698fad1c2eeb0f6f5893738b21e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 10 Nov 2021 14:36:41 GMT
content-encoding
br
content-length
6027
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame C263 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvlXIOwlylsJtggummUAYTywVfpLyRVPXmFrwIRs5WluB4cI57LJQ0vK4ytTdNvrUIY7DjxafH0yyoys3AMBwYJ7SbCbAEas-lX4mG6IklH0PuEAayfHA&sai=AMfl-YQmfru_IEATdcfCYd84PYnx3-WIL9CzWpBVi-48P42S-ML0KLClbIdeuuT0A42Xgu0xVD5ETGgv6iHExAOhHFq0SCGuepA225OKtDqKX6B7JtF5-EGeRL4L6xc&sig=Cg0ArKJSzEcmxzP_45FVEAE&cid=CAASEuRoX-0n34CsnitqZybs7GX5wQ&id=lidar2&mcvt=1071&p=1110,436,1200,1164&mtos=1071,1071,1071,1071,1071&tos=1071,0,0,0,0&v=20211108&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3673253304&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636554996769&rpt=2730&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.m3u8
mcd.ex.co/video/upload/sp_sd/v1490095101/ 		651 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/sp_sd/v1490095101/landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
c3befd811382250ac0b4c7d742f2fc6be5e9bb007faa8a163a5193587d498d07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:41 GMT
Last-Modified
Mon, 28 Jun 2021 03:25:01 GMT
Server
cloudinary
X-Timer
S1627638628.192847,VS0,VE1
ETag
"d8bfd12659344ddc0a6cf4af5fd5c64f"
X-Served-By
cache-wdc5538-WDC
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22641214
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
651
X-Cache-Hits
1
google
match.adsrvr.org/track/cmf/ Frame B127 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDqEB2vYu3pPXQF1BUQZUKo&google_cver=1&google_push=AYg5qPLy0U5rQm55HfI0g01z8lAYUD2cwPMojb37MF29Ky4cFsPfjAufxWTNGz7uYnXGcvLTz534Jv3hfF0gVMdh5SjWsjBI5HA
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame B127
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBInnOxKFzIToguie6r9iR8&google_cver=1&google_push=AYg5qPInXjV4bqEb3P_x-Vx58wwhYHTQMdb1XHffbiW9k8kwnIq64fhtDV0x5jf_BuaoBoG0u_FSc3AS3LomYj...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPInXjV4bqEb3P_x-Vx58wwhYHTQMdb1XHffbiW9k8kwnIq64fhtDV0x5jf_BuaoBoG0u_FSc3AS3LomYjk7tc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPInXjV4bqEb3P_x-Vx58wwhYHTQMdb1XHffbiW9k8kwnIq64fhtDV0x5jf_BuaoBoG0u_FSc3AS3LomYjk7tcUcFmQLq5w
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPInXjV4bqEb3P_x-Vx58wwhYHTQMdb1XHffbiW9k8kwnIq64fhtDV0x5jf_BuaoBoG0u_FSc3AS3LomYjk7tcUcFmQLq5w
Date
Wed, 10 Nov 2021 14:36:41 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
google_sync_status
x.bidswitch.net/ Frame B127
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFP88w5nmRhY0MXZNtnACQg&google_cver=1&google_push=AYg5qPJZg6CycIERx33eAZ94kHwtqMwb2B9f9bS4LcgwP3vVpuCkJlB1fRpJO45-I0L8AoKm8F8V8hBgVayJ798rKo58...
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=7e1f55f9-aa7c-42d9-8550-d757745cea49
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=7e1f55f9-aa7c-42d9-8550-d757745cea49
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=a649812c-11f7-48c3-97c7-4fd014997fc3&user_group=1&ssp=google&bsw_param=7e1f55f9-aa7c-42d9-8550-d757745cea49
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
  • https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEFP88w5nmRhY0MXZNtnACQg&google_cver=1
43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEFP88w5nmRhY0MXZNtnACQg&google_cver=1
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
HTTP/1.1
Server
18.193.90.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-90-196.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEFP88w5nmRhY0MXZNtnACQg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame B127 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13La18azVy-re237WUbST4YtwuGhcy7KWqLIgivd4aUqzQ
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.m3u8
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1624850681/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1624850681/landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
3d6639e89f27899806b5bfd2eefb38a73194e8700251080c8577451788fba979

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:41 GMT
Last-Modified
Mon, 28 Jun 2021 03:24:56 GMT
Server
cloudinary
X-Timer
S1627638629.862334,VS0,VE1
ETag
"5eb5cf5c5b6b2fa87defab7dc50b5e75"
X-Served-By
cache-wdc5538-WDC
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22641228
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1220
X-Cache-Hits
1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0E88 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636555000983-939322734563-005799-005-002202%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=45994
expires
Thu, 11 Nov 2021 03:23:15 GMT
date
Wed, 10 Nov 2021 14:36:41 GMT
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 4037 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636555000983-939322734563-005799-005-002202%26biddername%3D42%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8c1a17fd40c12eee1829052f6429a580ae5656539269097dc6528033a638368

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
90|47|57|51|64|218|111|13
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1614
Expires
Wed, 10 Nov 2021 14:36:41 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:41 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame 46C1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Nov 2021 14:36:41 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Date
Wed, 10 Nov 2021 14:36:41 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
events
prd-collector-anon.ex.co/main/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/ce4839bf-41af-4856-8109-093a8cf57061
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.219.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-219-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:41 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
avpb3.js
player.aniview.com/script/6.1/ Frame EC36 		314 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
7eba5f41d59aefb5990b99a781e0dbdfff7ae1d6987dcb5b18e12fde3629f262

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:41 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdui2F1r9luddk0mO8dcvv9KTuzTh2O2S0gc2galdFJ5ngdLctFDw0fdPhUNbQsG-O9FLEiM0NuKXjMGFCTmNu4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99475
last-modified
Sun, 07 Nov 2021 12:57:43 GMT
server
UploadServer
etag
"e4f50e6002c3454b61c9472c8f4386b9"
vary
Accept-Encoding
x-goog-hash
crc32c=t1bvWQ==, md5=5PUOYALDRUthyUcsj0OGuQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1636289863354883
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99475
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 10 Nov 2021 14:41:41 GMT
ptv
ib.adnxs.com/ 		27 B
857 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=21869222&cb=6555000870
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:41 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1a6da97a-753a-438d-a5dd-e8df9658e9bd
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ans-wer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
27
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vast2
tag.targeting.unrulymedia.com/rmp/236693/0/ 		168 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/236693/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&w=483&h=272&cbb=6555000870
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://ans-wer.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
ac
www9.smartadserver.com/ 		129 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=768372022372858714&pgdomain=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&vph=272&vpw=483&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=6555000872
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked
vast2
tag.targeting.unrulymedia.com/rmp/234705/0/ 		168 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/234705/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&w=483&h=272&cbb=6555000872
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://ans-wer.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/216513/0/ 		168 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/216513/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&w=483&h=272&cbb=6555000872
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://ans-wer.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=ans-wer.com&rs=ans-wer.com&sid=41698&t=1636555000&cip=168.119.25.197&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=483&he=272&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1636555000983-939322734563-005799-005-002202&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.85&cb=76837202237&cd1=4.95.3&cd4=e765f131-d353-433d-a3c8-d3de632e44c3&cd5=default&d9=1000&d37=realtime1&AV_WIDTH=483&AV_HEIGHT=272&nid=56ea678d181f46c76f8b45fb&ncid=60d442d6d9a5011a64643848&e=request&cb=1636555000874&asid=60d442d40f756732ee412787%2C60d442d4bda1a9322d035404%2C60ebfe94ebe867570438e997%2C60d442d43cf0de57dd34d158%2C6112a980827c476d02686ca4%2C60d442d4c8207f7bbb7b5a16%2C5e1b272e28a06142643c20cd%2C5fd1f2cc9772f87a350a855b%2C5b30e37c073ef468ec3ca049%2C5d7a45e628a0614c5e396e0d%2C60c60c3b1731ed2b383f0908%2C5ff1826de52e2f2dd148e0f4%2C5fbe5add3443ef680f0480d7%2C5fa2a98bba80693a416064d7&ofpr=%2C%2C%2C%2C%2C%2C3%2C1.5%2C%2C1.5%2C%2C3.5%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-232.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
google
match.adsrvr.org/track/cmf/ Frame 7AA6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDqEB2vYu3pPXQF1BUQZUKo&google_cver=1&google_push=AYg5qPLbPIR1pQyDcj56TU6avDvMmdI0DtnFb-88aCUTPuoLDci4MFmw-oa2tlqBIG42-I896jIVcMV4WeoNz8KB7ftKYmyC7j89
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 7AA6
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBInnOxKFzIToguie6r9iR8&google_cver=1&google_push=AYg5qPIyvMST2TNryKo7vPnLSzhIk7bkVrWPkzM9ffAaKEuJpaaJhYiPPxBH7I_r4ooq8veOerdgTOug7fYr-J...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPIyvMST2TNryKo7vPnLSzhIk7bkVrWPkzM9ffAaKEuJpaaJhYiPPxBH7I_r4ooq8veOerdgTOug7fYr-JZTae...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPIyvMST2TNryKo7vPnLSzhIk7bkVrWPkzM9ffAaKEuJpaaJhYiPPxBH7I_r4ooq8veOerdgTOug7fYr-JZTaeLfFY7Zxzs
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyODk1MDE5MDI0MjU5NTE3NQ%3D%3D&google_push=AYg5qPIyvMST2TNryKo7vPnLSzhIk7bkVrWPkzM9ffAaKEuJpaaJhYiPPxBH7I_r4ooq8veOerdgTOug7fYr-JZTaeLfFY7Zxzs
Date
Wed, 10 Nov 2021 14:36:41 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 7AA6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFP88w5nmRhY0MXZNtnACQg&google_cver=1&google_push=AYg5qPI7AwSswaDh4QBi6GCC_W8yH2kY9IGetEY2RdlVSaF4VOjvIVVXBbi_LTw4o4S-lcQvY322bmESTVJ0YgnkeZPa...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI7AwSswaDh4QBi6GCC_W8yH2kY9IGetEY2RdlVSaF4VOjvIVVXBbi_LTw4o4S-lcQvY322bmESTVJ0YgnkeZPa42Kg6akw&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI7AwSswaDh4QBi6GCC_W8yH2kY9IGetEY2RdlVSaF4VOjvIVVXBbi_LTw4o4S-lcQvY322bmESTVJ0YgnkeZPa42Kg6akw&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI7AwSswaDh4QBi6GCC_W8yH2kY9IGetEY2RdlVSaF4VOjvIVVXBbi_LTw4o4S-lcQvY322bmESTVJ0YgnkeZPa42Kg6akw&google_hm=fh9V-ap8QtmFUNdXdFzqSQ==
Date
Wed, 10 Nov 2021 14:36:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 7AA6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LZt3o-vubAUsBBQJj6CNk5zR-36U4AU4jZT-QIySuaXw
Requested by
Host: 2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
URL: https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
pagead2.googlesyndication.com/bg/ Frame 4C27 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:19:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
1036
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13451
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 14:19:25 GMT
css
fonts.googleapis.com/ Frame B74D 		2 KB
561 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cabin:600|Cabin:400
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/00/e2/a3/55/db2bc06cd9b2d3eba01db6ec5a86133e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
869f77d11c14732734d72ee3b4f5d5259bc68a0edbf444d2f65871294c901503
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 14:35:19 GMT
server
ESF
date
Wed, 10 Nov 2021 14:36:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Nov 2021 14:36:41 GMT
fb768189efa5375ea2727d55a9f0cc6f.jpg
imagesrv.adition.com/banners/268/00/e2/a3/55/media/ Frame B74D 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/00/e2/a3/55/media/fb768189efa5375ea2727d55a9f0cc6f.jpg
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/00/e2/a3/55/iframe.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqMQ39NiLYbGSKcbr3wPE%2DKioCY6ywoxmsZyzoIoP0K%5Fk1I4qEAEg2NXYK2CVupSCoAegAbXy8pMoyAEJqQL74K4rJGazPqgDAaoE4QFP0OFDoKJBb5EAZE0AUWW0qSm6MQKSAF3xKNsZ74fgJAbk90GQnJIlU940mJKDCxrqPtZKeDYgkqBu5z6BLP%5FbNchTkUKYAWQNdcbr9nmlGAmfVEVImwOTGOzmd11T9Z0j9u25MfvffRq%2DlSuFBo%5FO5T7m302SnQsxDv09WQdpPg5GyzWER5c3PgkBcJb4thgoRnR6uxq6gYFEAE90yzs0bNQzBx2bwm5l5wUz9whuw9y7aKrrIhav2TiVE7BKyd%2DXdpxf2%5FL9drp9u7WtB%2D%2DKdnxbM4YWxPyEp0IiLBcJTXLABNLkxInfA%2DAEA5AGAaAGTYAHtarD8wKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gH89EbqAeW2BuoB6qbsQKoB9%2DfsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU5MTY1NTI4NDc0NTI3NDOACgOYCwHICwGADAGwE%2D60iw3IE4mT1t4D0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoIMuvR8boUwk1slUWWoM00A%26sig%3DAOD64%5F1zU8hjy%2DJry%2D4IywMcCT4URsP2Lw%26client%3Dca%2Dpub%2D3944954862316283%26dbm%5Fc%3DAKAmf%2DBmxdXpBRahsl5PX7Vmd7DlC1fvAU4BeMcUgz%5FHVxzVsLPq5wlzMCBsCpGUEcWQkryCFIhn8wFgTWJ23VLKeyodkgx9c0Vd5xZfta67NNAf2zzokACXwqr2ZHvA%2D3UWm9zjn98zdGmwCYzkejKlBtF%2Dp%5Fy4pA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DC39MuapB0K4iEz2GR25PFWWeHQB8AUGkfGU3Eyobo7WLnfAFNyWR4pyDikng8f3rwHiS7XhBR6U7ywTDVI72m5TKBBDhF6eoJle0Gpp%2DRMVWwK%5FNjwvGxEeV2GoBdl%5FuyfW0o9SxuBe6Ejsptit0XwEbJxc6wxpic6CJxc2uwWHkuc2Bf493f0u4lvDG3e%2DksG1eiAV6MYeLEovd%5FwasJtM5%2DBdwKKHGBa8%5Fer5jHuY85IeuvF%2DOWYJmjQNrUE4nuxFRKhGufianHXbMUG3yLZqadfYqdU%5FY82c2UrekGu1XPfCwfIY4kO8YdkNRaoHU6q6Zu7OwL3gWqlIvjqTOl7rYRHAQl1zfAwTev6GBpj65ov%5F8BlHX7%5F0sMqnvRfVYb5HYotg9QT2VeMobGC7XPqFyHyRSpYLXv8RPEIro3jUlKeHeIaDBlmeRQ3eQYJ40SAMt%5FiPlPpNR1APWkvZC1BvLVccFedirSeZNCMp8CEPba89bQgZm5m5%5F%2D1YZSDrwpIfZUO%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7028950194541625705%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7028950190242595175%2526sid%253D4699120%2526kid%253D4799962%2526bid%253D14849423%2526c%253D22700%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7028950203112948952%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7028950190242595175%2526sid%253D4603449%2526kid%253D4709716%2526bid%253D14852949%2526c%253D12065%2526keyword%253DPACS%25255F4699120%25255F14849423%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
0fbdd22288a8f122f09042d64996114db7f3f8394e7cde0733211ce052633d6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/00/e2/a3/55/iframe.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqMQ39NiLYbGSKcbr3wPE%2DKioCY6ywoxmsZyzoIoP0K%5Fk1I4qEAEg2NXYK2CVupSCoAegAbXy8pMoyAEJqQL74K4rJGazPqgDAaoE4QFP0OFDoKJBb5EAZE0AUWW0qSm6MQKSAF3xKNsZ74fgJAbk90GQnJIlU940mJKDCxrqPtZKeDYgkqBu5z6BLP%5FbNchTkUKYAWQNdcbr9nmlGAmfVEVImwOTGOzmd11T9Z0j9u25MfvffRq%2DlSuFBo%5FO5T7m302SnQsxDv09WQdpPg5GyzWER5c3PgkBcJb4thgoRnR6uxq6gYFEAE90yzs0bNQzBx2bwm5l5wUz9whuw9y7aKrrIhav2TiVE7BKyd%2DXdpxf2%5FL9drp9u7WtB%2D%2DKdnxbM4YWxPyEp0IiLBcJTXLABNLkxInfA%2DAEA5AGAaAGTYAHtarD8wKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gH89EbqAeW2BuoB6qbsQKoB9%2DfsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU5MTY1NTI4NDc0NTI3NDOACgOYCwHICwGADAGwE%2D60iw3IE4mT1t4D0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoIMuvR8boUwk1slUWWoM00A%26sig%3DAOD64%5F1zU8hjy%2DJry%2D4IywMcCT4URsP2Lw%26client%3Dca%2Dpub%2D3944954862316283%26dbm%5Fc%3DAKAmf%2DBmxdXpBRahsl5PX7Vmd7DlC1fvAU4BeMcUgz%5FHVxzVsLPq5wlzMCBsCpGUEcWQkryCFIhn8wFgTWJ23VLKeyodkgx9c0Vd5xZfta67NNAf2zzokACXwqr2ZHvA%2D3UWm9zjn98zdGmwCYzkejKlBtF%2Dp%5Fy4pA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DC39MuapB0K4iEz2GR25PFWWeHQB8AUGkfGU3Eyobo7WLnfAFNyWR4pyDikng8f3rwHiS7XhBR6U7ywTDVI72m5TKBBDhF6eoJle0Gpp%2DRMVWwK%5FNjwvGxEeV2GoBdl%5FuyfW0o9SxuBe6Ejsptit0XwEbJxc6wxpic6CJxc2uwWHkuc2Bf493f0u4lvDG3e%2DksG1eiAV6MYeLEovd%5FwasJtM5%2DBdwKKHGBa8%5Fer5jHuY85IeuvF%2DOWYJmjQNrUE4nuxFRKhGufianHXbMUG3yLZqadfYqdU%5FY82c2UrekGu1XPfCwfIY4kO8YdkNRaoHU6q6Zu7OwL3gWqlIvjqTOl7rYRHAQl1zfAwTev6GBpj65ov%5F8BlHX7%5F0sMqnvRfVYb5HYotg9QT2VeMobGC7XPqFyHyRSpYLXv8RPEIro3jUlKeHeIaDBlmeRQ3eQYJ40SAMt%5FiPlPpNR1APWkvZC1BvLVccFedirSeZNCMp8CEPba89bQgZm5m5%5F%2D1YZSDrwpIfZUO%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7028950194541625705%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7028950190242595175%2526sid%253D4699120%2526kid%253D4799962%2526bid%253D14849423%2526c%253D22700%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7028950203112948952%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7028950190242595175%2526sid%253D4603449%2526kid%253D4709716%2526bid%253D14852949%2526c%253D12065%2526keyword%253DPACS%25255F4699120%25255F14849423%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 10 Nov 2021 14:36:41 GMT
last-modified
Mon, 25 Oct 2021 09:32:14 GMT
accept-ranges
bytes
etag
"583002737"
content-length
11420
content-type
image/jpeg
16f85839a309fcbf381a1990031d1204.svg
imagesrv.adition.com/banners/268/00/e2/a3/55/media/ Frame B74D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/268/00/e2/a3/55/media/16f85839a309fcbf381a1990031d1204.svg
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/00/e2/a3/55/iframe.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqMQ39NiLYbGSKcbr3wPE%2DKioCY6ywoxmsZyzoIoP0K%5Fk1I4qEAEg2NXYK2CVupSCoAegAbXy8pMoyAEJqQL74K4rJGazPqgDAaoE4QFP0OFDoKJBb5EAZE0AUWW0qSm6MQKSAF3xKNsZ74fgJAbk90GQnJIlU940mJKDCxrqPtZKeDYgkqBu5z6BLP%5FbNchTkUKYAWQNdcbr9nmlGAmfVEVImwOTGOzmd11T9Z0j9u25MfvffRq%2DlSuFBo%5FO5T7m302SnQsxDv09WQdpPg5GyzWER5c3PgkBcJb4thgoRnR6uxq6gYFEAE90yzs0bNQzBx2bwm5l5wUz9whuw9y7aKrrIhav2TiVE7BKyd%2DXdpxf2%5FL9drp9u7WtB%2D%2DKdnxbM4YWxPyEp0IiLBcJTXLABNLkxInfA%2DAEA5AGAaAGTYAHtarD8wKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gH89EbqAeW2BuoB6qbsQKoB9%2DfsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU5MTY1NTI4NDc0NTI3NDOACgOYCwHICwGADAGwE%2D60iw3IE4mT1t4D0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoIMuvR8boUwk1slUWWoM00A%26sig%3DAOD64%5F1zU8hjy%2DJry%2D4IywMcCT4URsP2Lw%26client%3Dca%2Dpub%2D3944954862316283%26dbm%5Fc%3DAKAmf%2DBmxdXpBRahsl5PX7Vmd7DlC1fvAU4BeMcUgz%5FHVxzVsLPq5wlzMCBsCpGUEcWQkryCFIhn8wFgTWJ23VLKeyodkgx9c0Vd5xZfta67NNAf2zzokACXwqr2ZHvA%2D3UWm9zjn98zdGmwCYzkejKlBtF%2Dp%5Fy4pA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DC39MuapB0K4iEz2GR25PFWWeHQB8AUGkfGU3Eyobo7WLnfAFNyWR4pyDikng8f3rwHiS7XhBR6U7ywTDVI72m5TKBBDhF6eoJle0Gpp%2DRMVWwK%5FNjwvGxEeV2GoBdl%5FuyfW0o9SxuBe6Ejsptit0XwEbJxc6wxpic6CJxc2uwWHkuc2Bf493f0u4lvDG3e%2DksG1eiAV6MYeLEovd%5FwasJtM5%2DBdwKKHGBa8%5Fer5jHuY85IeuvF%2DOWYJmjQNrUE4nuxFRKhGufianHXbMUG3yLZqadfYqdU%5FY82c2UrekGu1XPfCwfIY4kO8YdkNRaoHU6q6Zu7OwL3gWqlIvjqTOl7rYRHAQl1zfAwTev6GBpj65ov%5F8BlHX7%5F0sMqnvRfVYb5HYotg9QT2VeMobGC7XPqFyHyRSpYLXv8RPEIro3jUlKeHeIaDBlmeRQ3eQYJ40SAMt%5FiPlPpNR1APWkvZC1BvLVccFedirSeZNCMp8CEPba89bQgZm5m5%5F%2D1YZSDrwpIfZUO%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7028950194541625705%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7028950190242595175%2526sid%253D4699120%2526kid%253D4799962%2526bid%253D14849423%2526c%253D22700%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7028950203112948952%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7028950190242595175%2526sid%253D4603449%2526kid%253D4709716%2526bid%253D14852949%2526c%253D12065%2526keyword%253DPACS%25255F4699120%25255F14849423%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
06d0155e67ef45cd233a4912d3ba15e4c61fa14405c388085f0cb9f392a68ebb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/268/00/e2/a3/55/iframe.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqMQ39NiLYbGSKcbr3wPE%2DKioCY6ywoxmsZyzoIoP0K%5Fk1I4qEAEg2NXYK2CVupSCoAegAbXy8pMoyAEJqQL74K4rJGazPqgDAaoE4QFP0OFDoKJBb5EAZE0AUWW0qSm6MQKSAF3xKNsZ74fgJAbk90GQnJIlU940mJKDCxrqPtZKeDYgkqBu5z6BLP%5FbNchTkUKYAWQNdcbr9nmlGAmfVEVImwOTGOzmd11T9Z0j9u25MfvffRq%2DlSuFBo%5FO5T7m302SnQsxDv09WQdpPg5GyzWER5c3PgkBcJb4thgoRnR6uxq6gYFEAE90yzs0bNQzBx2bwm5l5wUz9whuw9y7aKrrIhav2TiVE7BKyd%2DXdpxf2%5FL9drp9u7WtB%2D%2DKdnxbM4YWxPyEp0IiLBcJTXLABNLkxInfA%2DAEA5AGAaAGTYAHtarD8wKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gH89EbqAeW2BuoB6qbsQKoB9%2DfsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU5MTY1NTI4NDc0NTI3NDOACgOYCwHICwGADAGwE%2D60iw3IE4mT1t4D0BMA2BMKiBQB2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoIMuvR8boUwk1slUWWoM00A%26sig%3DAOD64%5F1zU8hjy%2DJry%2D4IywMcCT4URsP2Lw%26client%3Dca%2Dpub%2D3944954862316283%26dbm%5Fc%3DAKAmf%2DBmxdXpBRahsl5PX7Vmd7DlC1fvAU4BeMcUgz%5FHVxzVsLPq5wlzMCBsCpGUEcWQkryCFIhn8wFgTWJ23VLKeyodkgx9c0Vd5xZfta67NNAf2zzokACXwqr2ZHvA%2D3UWm9zjn98zdGmwCYzkejKlBtF%2Dp%5Fy4pA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DC39MuapB0K4iEz2GR25PFWWeHQB8AUGkfGU3Eyobo7WLnfAFNyWR4pyDikng8f3rwHiS7XhBR6U7ywTDVI72m5TKBBDhF6eoJle0Gpp%2DRMVWwK%5FNjwvGxEeV2GoBdl%5FuyfW0o9SxuBe6Ejsptit0XwEbJxc6wxpic6CJxc2uwWHkuc2Bf493f0u4lvDG3e%2DksG1eiAV6MYeLEovd%5FwasJtM5%2DBdwKKHGBa8%5Fer5jHuY85IeuvF%2DOWYJmjQNrUE4nuxFRKhGufianHXbMUG3yLZqadfYqdU%5FY82c2UrekGu1XPfCwfIY4kO8YdkNRaoHU6q6Zu7OwL3gWqlIvjqTOl7rYRHAQl1zfAwTev6GBpj65ov%5F8BlHX7%5F0sMqnvRfVYb5HYotg9QT2VeMobGC7XPqFyHyRSpYLXv8RPEIro3jUlKeHeIaDBlmeRQ3eQYJ40SAMt%5FiPlPpNR1APWkvZC1BvLVccFedirSeZNCMp8CEPba89bQgZm5m5%5F%2D1YZSDrwpIfZUO%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7028950194541625705%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7028950190242595175%2526sid%253D4699120%2526kid%253D4799962%2526bid%253D14849423%2526c%253D22700%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7028950203112948952%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7028950190242595175%2526sid%253D4603449%2526kid%253D4709716%2526bid%253D14852949%2526c%253D12065%2526keyword%253DPACS%25255F4699120%25255F14849423%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 10 Nov 2021 14:36:41 GMT
last-modified
Thu, 30 Sep 2021 14:19:37 GMT
accept-ranges
bytes
etag
"3127525063"
content-length
1929
content-type
image/svg+xml
landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1624850681/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1624850681/landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://ans-wer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Wed, 10 Nov 2021 14:36:41 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1624850681/ 		53 KB
54 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1624850681/landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
62440b71a287ad58dc8a5d310c7f599cecf42ea4aab78038c7778fe050d70905

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=0-54331

Response headers

Date
Wed, 10 Nov 2021 14:36:41 GMT
Content-Range
bytes 0-54331/826260
Connection
keep-alive
Content-Length
54332
X-Served-By
cache-wdc5538-WDC
Last-Modified
Mon, 28 Jun 2021 03:24:55 GMT
Server
cloudinary
X-Timer
S1627638630.798708,VS0,VE1
ETag
"47f633a8adc4a98065612b9d00115a76"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22641132
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
adplayer.min.css
imagesrv.adition.com/js/adplayer/ Frame BB0F 		3 KB
1006 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adplayer/adplayer.min.css
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
dc1ca4850a9ee967d6ebcb561007bdea073f8380ae5a0a4f634945e3f9b59b87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:41 GMT
content-encoding
br
last-modified
Tue, 30 Oct 2012 15:33:13 GMT
etag
"524465627-br"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
918
crum
dsum-sec.casalemedia.com/ Frame 08A9 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=24292447-4ba9-4969-8309-a2ce7fd3bf2d&expiration=1644503801
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:41 GMT
94a6fe2f-5485-46e1-8a8d-396663a0969e
https://ans-wer.com/ 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ans-wer.com/94a6fe2f-5485-46e1-8a8d-396663a0969e
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
PKewM26kLODaNdHJeztli2HIaAargm3n3PT4NR3k75M.js
pagead2.googlesyndication.com/bg/ Frame 2F50 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PKewM26kLODaNdHJeztli2HIaAargm3n3PT4NR3k75M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ca7b0336ea42ce0da35d1c97b3b658b61c86806ab826de7dcf4f8351de4ef93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 13:16:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
4817
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13295
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 13:16:24 GMT
oba_icon.png
imagesrv.adition.com/js/adplayer/ Frame BB0F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/js/adplayer/oba_icon.png
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/js/adplayer/adplayer.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 10 Nov 2021 14:36:41 GMT
last-modified
Tue, 30 Oct 2012 15:33:13 GMT
accept-ranges
bytes
etag
"502461915"
content-length
3262
content-type
image/png
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTYmNwU1NDx5MvZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA3ODUlJaN0YT0jJat9NwAjJax9NDEjJaZcZF9jYXNmRG9gYWyhPWFhpl13ZXIhY29gJaN1YxyxPWFhpl13ZXIhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzqXNypxyjQWRxpw0kNwthMTE5LwI1LwE5NlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxY5NS4jLwQ2MmthNTQyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYkOGJxOGYjYwRwZDxzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZHVlPTtjOSZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwM2NTU1MDAkMDpmJaVcZD1TZWgcozRiU1BfYXyypwYkOGJxOGYjZTVzMmUzpHVvVXJfPWu0qHBmJTNBJTJGJTJGYW5mLXqypv5wo20yMxZupzF6o3UgYzFeZXIgY2yhZGVlZWkfYS1lo2kyLWFhZC1coaN0YWqlYW0zZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
fonts.gstatic.com/s/cabin/v18/ Frame B74D 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cabin/v18/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:600|Cabin:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4632f2a6b880931a9a2468fe53828f3a5a4b0934d9f4f6f37d6831214469a07e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://imagesrv.adition.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 22:35:22 GMT
x-content-type-options
nosniff
age
489679
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26104
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:56:38 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 04 Nov 2022 22:35:22 GMT
usync.js
eus.rubiconproject.com/ Frame 46C1 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e082294630f01fe8c1754f194c9ab266daf508bdd6353949cadf922f6396301e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51896
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Thu, 11 Nov 2021 05:01:37 GMT
mvo
tag.1rx.io/rmp/217532/0/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/217532/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
avjp
playbuzzltd-d.openx.net/v/1.0/ 		106 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://playbuzzltd-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=767b0bef-e7f5-444b-9b6b-9242682d6675&nocache=1636555001143&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A483%2C%22h%22%3A272%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=540851142&vwd=483&vht=272&aumfs=1500
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
via
1.1 google
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ans-wer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
mvo
tag.1rx.io/rmp/203144/0/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/203144/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
no_match_opted_out
um.simpli.fi/ Frame 4037
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636555000983-939322734563-005799-005-002202%26biddername%3D42%26key%3D
Protocol
H2
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 10 Nov 2021 14:36:41 GMT
x-content-type-options
nosniff
server
nginx
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Wed, 10 Nov 2021 14:36:41 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Tue, 09 Nov 2021 14:36:41 GMT
crum
dsum-sec.casalemedia.com/ Frame 4037
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=QeUOEAnb1MKOIn5&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=QeUOEAnb1MKOIn5&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636555000983-939322734563-005799-005-002202%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:41 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:41 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-00eeed23208b59ecc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=QeUOEAnb1MKOIn5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4037
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455419410995139
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455419410995139
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636555000983-939322734563-005799-005-002202%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:41 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455419410995139
Date
Wed, 10 Nov 2021 14:36:41 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
x.bidswitch.net/ Frame 4037 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636555000983-939322734563-005799-005-002202%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.90.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-90-196.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 4037
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639147001
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639147001
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636555000983-939322734563-005799-005-002202%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 10 Nov 2021 14:36:41 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639147001
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ibs:dpid=23728&dpuuid=YYvY8QGE8OpYyuYAqwdzdQAA%261160
dpm.demdex.net/ Frame 4037 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YYvY8QGE8OpYyuYAqwdzdQAA%261160?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636555000983-939322734563-005799-005-002202%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.92.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-92-179.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
match
c1.adform.net/serving/cookie/ Frame 4037 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636555000983-939322734563-005799-005-002202%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
indexexchange
sync.adotmob.com/cookie/ Frame 4037 		0
0
cookiesyncendpoint
sync.aniview.com/ Frame 4037 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1636555000983-939322734563-005799-005-002202&biddername=42&key=YYvY8QGE8OpYyuYAqwdzdQAA%261160
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1636555000983-939322734563-005799-005-002202%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.213.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-213-70.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:41 GMT
content-length
0
landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.m3u8
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
43a3f85e2fe4c6e0fec4e6a32fbaf54610d8af0cea0141b7f76e2f57b34dd3e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:41 GMT
Last-Modified
Mon, 28 Jun 2021 03:25:00 GMT
Server
cloudinary
X-Timer
S1627639240.125298,VS0,VE1
ETag
"236b63123a9e260568424250e763d515"
X-Served-By
cache-wdc5537-WDC
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22641799
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1232
X-Cache-Hits
1
activeview
pagead2.googlesyndication.com/pcs/ Frame BB0F 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8fK5v_zuHT2vA6ccWz0ktREWVzOuOsCTKX328j-waPTq2XzRTJVsAnRA1Mu8xVMVpInKLjOWHOQZ0zwetolFAWpEsz7-u7k1yio1peAzBZ6WGIsALTw&sai=AMfl-YTJz33X-Yj572ltexQc4thCCYnIcR3G-t_DSONzBHox-1LCmTNue3HNhBJwP5YJc5u-b6RYGPHV-HgMCzFB_Z1fl7vFW38E-U9kkB4dCcxJiClqNgEVxE-Lwz8&sig=Cg0ArKJSzAD3AzNPjDm2EAE&cid=CAASEuRoIMuvR8boUwk1slUWWoM00A&id=lidar2&mcvt=1098&p=600,0,1204,160&mtos=0,1098,1098,1098,1098&tos=0,1098,0,0,0&v=20211108&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=284499190&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636554996723&rpt=3391&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame 46C1 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
9a0c641c0479142b55591fdf2031b15f
Content-Type
image/jpg
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=ans-wer.com&rs=ans-wer.com&sid=41698&t=1636555000&cip=168.119.25.197&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=483&he=272&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1636555000983-939322734563-005799-005-002202&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.85&cb=76837202237&cd1=4.95.3&cd4=e765f131-d353-433d-a3c8-d3de632e44c3&cd5=default&d9=1000&d37=realtime1&AV_WIDTH=483&AV_HEIGHT=272&nid=56ea678d181f46c76f8b45fb&ncid=60d442d6d9a5011a64643848&e=bid&cb=1636555001420&asid=60d442d40f756732ee412787%2C60d442d4bda1a9322d035404%2C60ebfe94ebe867570438e997%2C60d442d4c8207f7bbb7b5a16%2C5fa2a98bba80693a416064d7&ofpr=%2C%2C%2C%2C&fpo=%2C%2C%2C%2C
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-232.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://ans-wer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Wed, 10 Nov 2021 14:36:41 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/ 		118 KB
119 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
9a78e6a85bad2719e4994eeac1f90040b61a33364a52264cdfab6a05285db4f7

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=0-121259

Response headers

Date
Wed, 10 Nov 2021 14:36:41 GMT
Content-Range
bytes 0-121259/1981144
Connection
keep-alive
Content-Length
121260
X-Served-By
cache-wdc5532-WDC
Last-Modified
Mon, 28 Jun 2021 03:25:00 GMT
Server
cloudinary
X-Timer
S1627639608.764924,VS0,VE1
ETag
"01747df5a26ec8e97b412df85b952b70"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22642123
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4BC1 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_FyK9NiLYbqgIdaNgAf1_pDoAQAAAAA4AeAEAg&bg=!z8ylzIjNAAYDGbPvAxk7ACkAdvg8WsGAkXjTeCwX1WIb0TxjiKbUcBcwiSxw_Qzvj6FguET_PcKcLgIAAAUAUgAAANRoAQcKACnO1wjcpHBllcyvfYWRMJDWbg8m6uVjM5YYJknFWpDyaNugszCAod7I2ZkC9Q3GIN3fQND3-qwhrO-CHRg-AdK4DTpXwWCWaeZ6-z6IuVB8OcRo3DQ-dOI-dhfhMVd1hg0BkX2Ezn81CJ_Q5f9Glvo11k8FJF4Xe9nba04UQjhWYWU5vtuEdiouZEt73pkxA6L_HkG1k7G73XiCaxLuKSDzZuTAns-EzvJpCja2pmJaA13ElmwOqURV4IdnO6ipkyf3E0L6YsfuUzi6UuaZeGdTGctoZAS33hAZoHCzR0-C1gGSGsSUoEjGooAkfvvnbRMEO-z1BQUsR_EDx37gHVFI1bZ0038tpV0M95rIsqGAvzsDd1qk2seu1skstN8_fnFmlZXrt7t-QTHgzDSd-HCceBLyC0_Xpm84P0mCxKA6JIibiiHxcpmAQ9ESTC88iUWPIwSgjMODxANojbe31TTS7wHI_P7UUZrEQJ0PBoTjVteZIEbUNVet_R3yd0FLvddnJ7nwY08aKM1icuJ3nn7lWT0pqe8hh6xFzsE3WgUDPryhgWKf6jdXO6UJPRt41VBPdisUZCbb_9Zjc0JTEjrkbswKWsiEp6A_WVtUsH7oJlP-Wbpga9xae-NeT7IfwnhnP1K9rPOxy2fBI9DKn8I3Hm6_0EI9Aph8D_YfuDh4Ixt1zg2d5KF4GERFZcwhAG0L-RFLaMZMEbCbzTPJ0VBk5z81KGuK83H-Z39naQHhZIaJRNMuJ6yiugkfbsLH7va1SZeL6XIB4RQTEtv-0j5Dri7M3C0DAIvi2R133fTYZOdx83SK_OhFVCRiwUFWUkiieijxPq2dl_RPMOefPBpp3rJplxxPQNBEBV8uMfhVRk-WVMS7e_upwdFNUSjhOjwmFy59GVEvU1bkxml1d0zzWzbhYhzQfvvfMluIKMefffhZ0rZ8OSgs3VcnDUnn4MGonbefz_3d949ClUdYTSh3xpI3_3P15p7WX0aEr5DtMTipY3FxDN-7IfJHnWnxFuddtEJGf9GBFOVwUzEdtdNMvdR5N8u-0r-mP7gGk2ndtCM
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
services
g2.gumgum.com/zones/210380/ 		0
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/zones/210380/services?dp=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&pu=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&rf=&r=3.85.12&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.85.12%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=9830&bf=ef52c28147ef67897ac28d7d133faa4859ed938b&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1636555001554&to=0&vpii=false&vph=1200&vpw=1600&productIds=1%2C5
Requested by
Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:41 GMT
access-control-allow-credentials
true
server
nginx
timing-allow-origin
*
etag
"0d41d8cd98f00b204e9800998ecf8427e"
p3p
CP="This is not a P3P policy"
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 7F52 		368 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
013642abc6eb7dace2707aec3f8dae8d884cc284951ace55bb737bfde43f687a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125099
x-xss-protection
0
expires
Wed, 10 Nov 2021 14:36:42 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 7AC5 		368 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
013642abc6eb7dace2707aec3f8dae8d884cc284951ace55bb737bfde43f687a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125099
x-xss-protection
0
expires
Wed, 10 Nov 2021 14:36:42 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 2ADF 		368 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
013642abc6eb7dace2707aec3f8dae8d884cc284951ace55bb737bfde43f687a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125099
x-xss-protection
0
expires
Wed, 10 Nov 2021 14:36:42 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame FB00 		368 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
013642abc6eb7dace2707aec3f8dae8d884cc284951ace55bb737bfde43f687a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125099
x-xss-protection
0
expires
Wed, 10 Nov 2021 14:36:42 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 3F0A 		368 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
013642abc6eb7dace2707aec3f8dae8d884cc284951ace55bb737bfde43f687a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125099
x-xss-protection
0
expires
Wed, 10 Nov 2021 14:36:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C004 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVi9U9diLYeu1A9vJgAfOxbGICQAAAAA4AeAEAg&bg=!_P-l_7vNAAYDGbPvAxk7ACkAdvg8Wk1pvvZg-dkZf6spRxOWvODOGdu4B9dmpmNGEYux6mTr8TeyHwIAAAUbUgAAAHxoAQeZAwWsGhOiTw8fhRgUGnYxMjC3lHwJ5_eYfSyk8KbyLC8r53iQunf239Wz4y3tBrv9fPS0tUaO88b1hN0FCtACBro38UZCfipfiRP32yGb-E52larDQncqNggJfjwIwrGm0SqFIbrvDy7e36io9cHlltxjZyu5do7n6RmLOvTsiBUlu6s8mJD-16hbx-geX_-_Q0ExZkl6Uw4xs2aOH1yDQfVcFnRqRSwjSxy-jHyZjcFT4b3Zel6aawEWIhrGtBf8DNeSfwfSKHn-vQh9VZx3Pptua64lKcEYi4YRqCi-1G1yOK7gy2oyHblwz7VioGx5_giZKVSocbB3Lki2c9X3yQeZdvgdRLaLRAiXDSbc5Cc473p-rgkMHp0zhPpEL6VyBwwiak2lXZt84HGMcucVAcOmwDA-ylP59I-K0jbVkanC7X_0KOE9ToB0Jvw5ZJ-ihMz6P1_NsBgu_vNSkFNdIPdayHf41GN6F-o2n0zQBhAeEYktgyEzzVmhcGzdQWCwNy6e32O5KDYFAgcYn08aWaOL63-sG47i3W14I9CMyG91Ayl6u8cyfoqR7n6IVvK1Xnt8s_tBV197WRyWXaK9gupmeqBE4Yscdef2laYT8aHqe1xpfjDMW1pZegtJwLN9asXrrtWLICFL3s7eOOjq5IojZ4Es7WU_UHlgYCaEAAcw-ewXNH6RYUsfbXcj6wvyVYwqC7459tHBRB_mhu-1syxUGne18LTShWPIt3SHyfN6pEwCRayU3zJ8aDsIUlRofqByz4ojb1QnLnG7l7V7SfBWqr8R4uKvUmyXMox7eGEUOGaDf5n8qR3f3M8ACvTCSrReAw-lrywF-Js91uIIcn3OjOjVIp_4IKv22Z3XN-a2hR4eVafP0ZOsfmD3CBjSF_JNJgn4SCoJoNq9J3UcuYvAJOYxHQAEYbbqyA-XImbprObA9cc06q6xldt1Ld01OqhS29w3RDLUh2ct4_ofmAKHzxzpM-ojxIKoP6aD6rLUbu7rf7gpzdJfbUGTTmKfmyAYVfXCgw
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A93E 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Brci49diLYePFH8Lv3wOszK_gAQAAAAA4AeAEAg&bg=!Li2lLWnNAAYDGbPvAxk7ACkAdvg8Wl0xEMGNIDFYw4Jmdwh-TAnBthkm5YhQ89Gx3XjYo3XzlnfX4QIAAAP3UgAAAJZoAQeZAwYLRDK1rg2K6IFwex3uYwoOAKfruFtLHtoCjCNijdonKvGp58FgfWc3TxQU0L3u-z6aGFph0oEApNh5fnFN3unh0s0DoWC4qvobBr6a46YuvbfwXiD3hsv1OzepmDyl6_Lfw-FqWBPVaEO5hD0HvXovQNUQeNDkD7x-H07FJqRyGBVYqBqaIj-qOgk0inLkvDCWNs4llkfd1bTboHoCpvNyuxIXf_bHEelM4kV09-K18bwMmMZUvti4Dr30z8xEg9RxSrIWAtiYrTYNmZjUV6ngsEr-dDAT0a3VUO5VtxbscIKYZt3etxs9JPD1OL58D-8f39PXr6hTQ6CRLE3gRoua5tTgf4MRKmTOY9gBK3zl43V2CqeM3M5NiayxI8eVm15xas6EA288tPhErXncQdEOIPoGUAtwLn3cxQPKFFU0zMIB3HlGY2h7xcF7OZA0VHGI-QXYDYW-E2OziJX2Ozy6B3Qx1EnvMwxBQYpT72-stWb8qnIv45tu_jS9UxrDiSWsNxlN1QEfEDEtoaV1LjYYqm1B0m4kRXgJ0qgbfVo57zK2gH4hpM4obV6Q7VLmQ6k2LLEiTdELQk7kVbdG6TNWVLoNTyPcTu0gIZRtXuxiSmbCDj36VwGvLQ3hoER2hI-yev1pjeMt1S0cOIYZ9NstKIkwsN9SKhha-IouUgz0ZAR0hLhrGuX6Vqi0u2xtfxLdov4BIoVf2QMLipPl-PM7H7eOxq1pleFDd2mimP6NJRynB4bMb0gSZsY4xXjv4yfN3eYPNKCQCmgpRSEK8ojIB-jlAyCscnJjqwgSBvC9bb_I3Vf1weLP4vNrxUHgNXwqFZAcsgYdjcFJy2ap-bpMWQNZQJEg88QDeTeO4ERJdV6gx7nc_Km9mcvpYuzit3YeH_O87BqOk0-Laq4nKTWaCdpNGyjRVmONrARkgKFxmTf5WWTNzqeSS7h7wLOAMhRz3y5uKvimoLpv9nPsT4LZ1n0UKp09XjZsI_HiD3HbBNDS6d9svmsZzU4xpmDdq27zjEpI8PU
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9187 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrtDQ9diLYauOF_Gf9u8Po8Or6A8AAAAAOAHgBAI&bg=!sbKlsvbNAAYDGbPvAxk7ACkAdvg8WvSUbXLhRWTPV4hhMadEGs0EkLZibj2If47U44b2ZNmWiPBpRwIAAAS-UgAAAIBoAQeZAxqiXWEtrs4BV7ED3-gX-pkrAJ58FTHE1Sc53j9BIWqyJcpJzfN8glw3iDSbaodToL-5nZDqpisSuF1TYJ-I8Qdp3_z8_BIbCv8NYtyIf_vkolrjkhnM0cei2fcrgXXaTK5dntuSoIwLTfeekoHtV-Gy8GrEOvlwsUS476TEEcJgF87Y2RD7AiXlE0KmIWMcSodGIt6_zkZ0ncd-fQXyEGIFabYK5fhNR-KbpVlO392VviMjyXXLaJe8W2JzyCJTQmORMELQi8VUcgqXYH5-XkrCZjlEzLRA2t4tCJ-BPZVY10iD0WCpRi7Cz9LeTY4X701_MMnrbCPulJXJ2f38XJSDmjDKebHSPT4ceaIKGfxQownuCJTHsKW5-3k8wy_T92Jh5NdPziyHMwubbcsVi7Ikvca4lC2mcvuYVJDRQlr9OpcXwAq3HimiuOK0T06BKweXFsbmUrgmUKZhO_bLn93N4VxXXBvqCqZMThve3dXO5YWvBtDSjf2WBqc2CXdNNyW98QwybSFIFBRo2Sl442GAseQ7WFxvYpt0n-ecikdSn91abajEZQraRNXQrSkZnRofxu4x5mIlFlJ5hUc7ykbPTsswzlGk8NpG8SqA8rdjEB9Q89BDzgMEP3OdM4jKXiMGCvgZCN21R2ugAfowUKXDCSInvqWAVr2Zcpn3i3m5zV13ugN9Q3AhVK3KJ8GMGEFMD0kV0JnWP_-rOvpzpp0LH4rlOG7YOBvVsrubtS58xksaZ3jjdNoocHIEaopiHF4LToV_IFbyB81fzgL2DXXNV4Id-nxKbPo-m4WeyA0yP1sIjkuAb76K9JvU0duzXN3d7jBefT1ogNCHTuEnVRz99LjITpNZuj2Avo8rbgLxC0Dn0ZqOLYifbhMtfK8qstK-vfjfM9KNzr98Wo3PzcDyj1W1g18R-SGHpNEPL4FMRwqepLSo7a-axV56MDELak4JiJsco2c5IYMXgJcz5oVQre-9lHXuvK7lVaEblGoOY7mdphOpy0jUCF8yHOjKovFCtZsst_I2-YqXTafgxAhLhj5bGQ0yX76EPg
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.488.0_en.html
imasdk.googleapis.com/js/core/ Frame BE71 		580 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485dd675dc980f01a4098246606a0cb2408c33437b73ed4236da6a3d248327e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194718
date
Fri, 05 Nov 2021 21:20:07 GMT
expires
Sat, 05 Nov 2022 21:20:07 GMT
last-modified
Fri, 05 Nov 2021 21:15:14 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
407795
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 7F52 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Nov 2021 14:36:42 GMT
integrator.js
adservice.google.com/adsid/ Frame 7F52 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ans-wer.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.488.0_en.html
imasdk.googleapis.com/js/core/ Frame F70A 		580 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485dd675dc980f01a4098246606a0cb2408c33437b73ed4236da6a3d248327e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194718
date
Fri, 05 Nov 2021 21:20:07 GMT
expires
Sat, 05 Nov 2022 21:20:07 GMT
last-modified
Fri, 05 Nov 2021 21:15:14 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
407795
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 3F0A 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Nov 2021 14:36:42 GMT
integrator.js
adservice.google.com/adsid/ Frame 3F0A 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ans-wer.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.488.0_en.html
imasdk.googleapis.com/js/core/ Frame 2F50 		580 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485dd675dc980f01a4098246606a0cb2408c33437b73ed4236da6a3d248327e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194718
date
Fri, 05 Nov 2021 21:20:07 GMT
expires
Sat, 05 Nov 2022 21:20:07 GMT
last-modified
Fri, 05 Nov 2021 21:15:14 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
407795
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame FB00 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Nov 2021 14:36:42 GMT
integrator.js
adservice.google.com/adsid/ Frame FB00 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ans-wer.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.488.0_en.html
imasdk.googleapis.com/js/core/ Frame 907D 		580 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485dd675dc980f01a4098246606a0cb2408c33437b73ed4236da6a3d248327e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194718
date
Fri, 05 Nov 2021 21:20:07 GMT
expires
Sat, 05 Nov 2022 21:20:07 GMT
last-modified
Fri, 05 Nov 2021 21:15:14 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
407795
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 2ADF 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Nov 2021 14:36:42 GMT
integrator.js
adservice.google.com/adsid/ Frame 2ADF 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ans-wer.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.488.0_en.html
imasdk.googleapis.com/js/core/ Frame 0179 		580 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485dd675dc980f01a4098246606a0cb2408c33437b73ed4236da6a3d248327e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194718
date
Fri, 05 Nov 2021 21:20:07 GMT
expires
Sat, 05 Nov 2022 21:20:07 GMT
last-modified
Fri, 05 Nov 2021 21:15:14 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
407795
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 7AC5 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Nov 2021 14:36:42 GMT
integrator.js
adservice.google.com/adsid/ Frame 7AC5 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ans-wer.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
371.json
id5-sync.com/g/v2/ 		213 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/371.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.199 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p21.id5-sync.com
Software
/
Resource Hash
4c8061f081d2aac5102b9670bb273ea1146a974c6b704886389fbbf804e031e1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://ans-wer.com
Date
Wed, 10 Nov 2021 14:36:42 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
pd
u.openx.net/w/1.0/ Frame D9A6 		936 B
899 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
117ed29ebf4de8b2c70c75bb91655120aae4f3a2504caf0433e4506f7f7bb4f6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 10 Nov 2021 14:36:42 GMT
content-type
text/html
content-length
560
content-encoding
gzip
via
1.1 google
alt-svc
clear
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9957 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=45993
expires
Thu, 11 Nov 2021 03:23:15 GMT
date
Wed, 10 Nov 2021 14:36:42 GMT
vary
Accept-Encoding
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2B49 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 10 Nov 2021 15:15:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9895 		0
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDy9h9NiLYcziBZf13wO4_pXYBAAAAAA4AeAEAg&bg=!bG-lbyvNAAYDGbPvAxk7ACkAdvg8WiLEQqX_YXaRLNFXjxrJCBPyUYS-LyxO-Px2vp2z5PvRdjgGIAIAAAPRUgAAARZoAQeZAvx8uaxjaOGr12ACDwkvNQC61N7AJyCmP2ajA33v74tFSvG556gtmKhj9Bxwd_V9uTsBsttlFsFwPjwkNWBYs44EEvTd52c7WzFOAOfnVR7JhBN2AX7JZA5qUW-pBpAivbXlkgoeG2LFiAAf1Eb2C1ucze4eWsxjOznK4ka7zja4WuTRaTG9Y5fE2G6uf0sjkR4pbjhKp12nzXxRlnhzPTlTgHT5zr45SXjSogOLWmCafNg4-WOqEdDkuqyFPEjmWuAqT_AuNz7A_AcZm8Go874Au0UCmf0UWuaZotGmCr6_OIyzs91lArtUBAMh4XyC4kvKrrLouusPiwjBNERhNWUZyHkVVCmsThiYkBqLM8gHXatSnBicIIMR8KtyS9lqYeBOL5JQdt2lnmmn1GP9dQPayAcPk5oXHgCc9vqF8KnipNMdxxa3GQQCxLJLDR74zhNXdUmknGDThU5U0uuOXseaHfQz-xR67sCfQGZxJ7yu_ydxnmlSyKLvcJBkBib8Gq6mG9RavybdwsD14VzvMl0MvvGRirrMk3kPySdEjR7VIncnehlr9qkcspIfMJCexHcURQGuLDMZlzXU7FFAgtwYnLz9JcNu1Y9Db_RSqg5GLn9Jva8VAbJZRaJdvGoFlQhr-hLDYk17GojVuFI7hbzzZvcU0hMfKYKjOSYBsnF2uTWVcGqV-42jYtD0pvzwSH3fyrmc-pZEV5UBMPPtsEiHMQ2YzDgfZD45XSkAgWxuTd0_fC5BnOWxUGdAFLfUqSyp5ff2LBv3EJL3dR_IQp5KDuJnbrIZCPB4aZFYbNg5vmhfinGS2aES3IlMFLY1xnnppOqkZ8TZgVXEyKOAdtajKQ3HuQV2YE-SK-PcMDfx9ye_AnC6hlv_nA_-bNiaAiRc9nrEhQ0_JNjmewZ5j26UP4Dns_0aFwCSpDdXLUNzoZ8j4ocS_NlLYxH89D6OXN068Fo6H8yB_99bM2TAbtt4QahsKZcFCXbuzAz34z4hQM7SidxsM8f9WYEECg
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 01E8 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 10 Nov 2021 15:15:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DD1 		0
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQsmk9diLYePALpL-3wOCwIzQDwAAAAA4AeAEAg&bg=!v7ylvPjNAAYDGbPvAxk7ACkAdvg8WtVoA-Y5EmFfdFunyFuKdmJJMOM1JYh2BOv8426sjU-BrxXrQQIAAAO3UgAAAS9oAQeZAvA7oPimVr9SjmcXcaHeHOCcXWFtheASb5Q1_v1klFPwVqMFM8vi8ReLF5CIol3JCKLXsz71P6Z-amhMPWenXmWK7BYpFb2Bjl8MnPdDTm-sS2ItehCibCoL21ktNEPUHwu16WsfjmJhPETydkmOGxmEGhuwq2E6TTsfc1H3sJnEdZeNw7L_lhiI4AybqJlGBK7SrRlBCVkrl48FvL-fsYSff7j74v3UHDgh9LeOBvWzo_M8Engn59qN5vjEWbEKxUktv00GmNbMfGESpx55gXx5xIPmRFaWN7ej9zLDwttFDMvUHPQYb6SEQiUpVSv_xmJKwEhVQ_ACLPp6YEf-dOX4V6GJIjZ-tzv0nb7FRvvqOfbCmeaOza_v19r56GszDY9IgwuAqJocd5CpvqcHlS5rs6cs2sJtlD8GR499ifFCMd4XR6rb7g2SwUfmybRk79IpyZPU6a4dLlh1YkFn7IR2CIqSmR2EUxwiZpM2usXX3VDZkmXkc8ugidO0PWdv4Z8OG70dyx6KsEIkhOGT2jqdnaRjYKuTGkLvpB3baU5M5vjUVatH--Cz5J0CbO-wTtjsTgJSbGdzNLy33dYBmP9Lb_5IqSbWga3yKE7eW4aiKz-MgGHCWB-hXdAmO7kQ7aTsF6CXQ3JsYid-gv8VGmFL97-Fn6Ti8oIy5FAr9SUACrVbsskZSkrG0MHdZIbD0fze6ZZpoLYm-exlz5a8N50-WYrR267kCUFMAXR7SY3toplswBrNc00b5amU5mBgCkThW6K38RF7Xa24KVDhyn8sqdCSPfYmFtpfhpwnumhdqFo7vQPIO52vjLqXygttLf63qw1App64q3ZPkoUHz-n9rB0fmXznA9sWhcPhGk8ga9jKSbN1PhrUeofDJ0B640Ga3mC0QE-MAw8meZ7jpF1z2BfXc_V7wKTUbb1g0e9JQfRSwbwkG3G2_IW7KXaUN1PHKfesXGrKh0SBzIN3JLz-YMXSz5-43XbwUe1PFJhafg
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame B839 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156972&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 400A 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 10 Nov 2021 15:15:21 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame BC95 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 10 Nov 2021 15:15:21 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F2CA 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 10 Nov 2021 15:15:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4820 		0
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BL0Vj9diLYZH2G42U3gOU_7aoCQAAAAA4AeAEAg&bg=!ammlaS3NAAYDGbPvAxk7ACkAdvg8Wv1gHfIxWpFeb0XwTmM1SWPjAyDeTkxssHHb_jnJWVpZFWtzYAIAAATkUgAAASdoAQeZAvUk0eoJJb26zaWMuarClzcw_TPYFCiha8Ja-r0QOaZ1xqQbirxAl_s-Oe5X3DWYrKx5Z2px7cQaJthU5LdhK360lR9JAdb6QtEZiUn60vhsQVdl4W5hyEz-jR70G-65JQaD7RXMd43uCrRIRB6i8J6sx4xcnyr87Hk5cqi5YEJo2qudzn-6lIz3zCEUp_5eimEAwqWOBhPJ26rDMgahy71Gy89OsReK4QH-g5vxODxhBR_n08yhtUTX5QBKbb_2VxdEAu080_eDhGZKvEQXAaS-f-yu24oua8W9oo-63SQVJoFBn-g3oQUaxDxSyhM-oIL4c2_9KIqiXSczbL0wAy_Oq5ocbLPOyqWiVm4U4X9RhxqGNTWm223PlesUkTQXleN_OuaXWMJ9K3VvWCBVvwrbGnraEK-jEQOkSxF5vzP30ZIcf9vaYeW8SJICe9rP2tkKqWNOFLXTbacPpTa7cFGOQo7RtN68T4uzxR6LrL4EfDfjto-hvnjJxXjFjDqGTXi0q_1eWBF814AlasP3h0aLA_KxlAqADUbt1htsY1ZbdtlhUEehVPNbmfXxAZ4JVyqySs5J3_M-mqNaC5ApcpCwpZBjhCoAJR9OMPETsWyozzEnBeShux_yTVabSbC6Ne3p7--i81Ii8k2ujwVo-Rq3HHg8tU0flfu5C5kDX_-hy_UQCh68KnpCtu6Y3weTTxAEn4Wgvcjq7lpgmNfKJB7_Yux49IF4wPr9bq7JhWchRPoS5ugrnFCZxUB5hTN4DGIb5mvePw2OLVdQa7HwDlRNPu5EifA_ddhHibrqXlxdhkpv0-kYZmglPVglU-5LFw5Yv31hWmkVCDJDUrphzA5sIscV0TcQqpZoi0iPxwRYEUe031FyATfJPKGDQn4-arG5_eJp8QaJ1rxOSVdxN2yUpjks0C9zk4DXmBGveSdSp4ne_DBTI5bUqW5pcQC_BoGtMW4a_CVYz5E4t9Q7g6gnCUfkmUbPw12k3fTt5Qhk3lssyqIv
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://ans-wer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Wed, 10 Nov 2021 14:36:42 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/ 		219 KB
220 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
9b8eb5ac6c3afde3784a60f5a392b8bce60621ced0926655cc4b430f4f157ebd

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=121260-345731

Response headers

Date
Wed, 10 Nov 2021 14:36:42 GMT
Content-Range
bytes 121260-345731/1981144
Connection
keep-alive
Content-Length
224472
X-Served-By
cache-wdc5532-WDC
Last-Modified
Mon, 28 Jun 2021 03:25:00 GMT
Server
cloudinary
X-Timer
S1627639608.764924,VS0,VE1
ETag
"01747df5a26ec8e97b412df85b952b70"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22642122
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
um
sync.teads.tv/ Frame D9A6
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=05b4ec5e-f604-4a08-bcaf-b4806bac0361&r=https://sync.teads.tv/um?eid=64&uid=
  • https://sync.teads.tv/um?eid=64&uid=e06e74de-f1fe-4ac7-a363-401d3839a7f7
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=64&uid=e06e74de-f1fe-4ac7-a363-401d3839a7f7
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:42 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 10 Nov 2021 14:36:42 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

date
Wed, 10 Nov 2021 14:36:42 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.teads.tv/um?eid=64&uid=e06e74de-f1fe-4ac7-a363-401d3839a7f7
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
openx
tr.blismedia.com/v1/api/sync/ Frame D9A6 		0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:42 GMT
via
1.1 google
alt-svc
clear
dcm
aax-eu.amazon-adsystem.com/s/ Frame D9A6
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=0dc2529e-0bd9-ca67-121f-fdf6594fac21
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=0dc2529e-0bd9-ca67-121f-fdf6594fac21&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=0dc2529e-0bd9-ca67-121f-fdf6594fac21&dcc=t
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
HTTP/1.1
Server
52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:43 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
EBSD7A65QTN9A9RHYMYQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:43 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
DF1J65A8SQRNH3DJRWXF
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=0dc2529e-0bd9-ca67-121f-fdf6594fac21&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D9A6
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=5c2f5f5e-820c-4803-a54a-c186c3a29ffd
  • https://s.tribalfusion.com/z/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=5c2f5f5e-820c-4803-a54a-c186c3a29ffd
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662304077904190
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662304077904190
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:43 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:43 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
3
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6ac003c25b815c68-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662304077904190
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D9A6
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=9fc13ff9-4233-11ec-b930-65692a6201a5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=9fc13ff9-4233-11ec-b930-65692a6201a5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:43 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=9fc13ff9-4233-11ec-b930-65692a6201a5
Date
Wed, 10 Nov 2021 14:36:43 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
9fc13ffa-4233-11ec-b930-65692a6201a5
sd
eu-u.openx.net/w/1.0/ Frame D9A6
Redirect Chain
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1
  • https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1&prevuid=&knw=
  • https://eu-u.openx.net/w/1.0/sd?id=540394477&val=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=540394477&val=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:43 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 10 Nov 2021 14:36:42 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://eu-u.openx.net/w/1.0/sd?id=540394477&val=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
events
prd-collector-anon.ex.co/main/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/ce4839bf-41af-4856-8109-093a8cf57061
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.219.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-219-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:42 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 9957 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=93073725&p=158901&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6c1b77bb8ac9d32094589ca4eccbdafd08dc849e02ad215e9191f4194604a42b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:41 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
www.instagram.com/accounts/login/ Frame 9BD6
Redirect Chain
  • https://www.instagram.com/p/CSM7kaVI8tk/embed/captioned/?cr=1&v=13&wp=540&rd=https%3A%2F%2Fans-wer.com&rp=%2Farazou-baker-cinderella-role-and-instagram
  • https://www.instagram.com/accounts/login/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/accounts/login/
Requested by
Host: platform.instagram.com
URL: https://platform.instagram.com/en_US/embeds.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

content-type
application/json; charset=utf-8
ig-set-password-encryption-web-key-id
87
ig-set-password-encryption-web-pub-key
8dd9aad29d9a614c338cff479f850d3ec57c525c33b3f702ab65e9e057fc087e
ig-set-password-encryption-web-key-version
9
last-modified
Wed, 10 Nov 2021 14:36:43 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
cache-control
private, no-cache, no-store, must-revalidate
vary
Accept-Language, Cookie
content-language
de
date
Wed, 10 Nov 2021 14:36:43 GMT
strict-transport-security
max-age=31536000
pragma
no-cache
x-frame-options
SAMEORIGIN
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
x-content-type-options
nosniff
x-xss-protection
0
x-ig-push-state
c2
x-aed
48
access-control-expose-headers
X-IG-Set-WWW-Claim
content-length
130
x-ig-origin-region
ldc
x-fb-trip-id
1679558926
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600

Redirect headers

content-type
text/html; charset=utf-8
location
https://www.instagram.com/accounts/login/
vary
Accept-Language, Cookie
content-language
de
date
Wed, 10 Nov 2021 14:36:43 GMT
strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
x-content-type-options
nosniff
x-xss-protection
0
x-ig-push-state
c2
x-aed
48
access-control-expose-headers
X-IG-Set-WWW-Claim
content-length
0
x-ig-origin-region
ldc
x-fb-trip-id
1679558926
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
Pug
simage2.pubmatic.com/AdServer/ Frame 373C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYvY8wADhPvA_AAz&gdpr=0&gdpr_consent=
1 B
412 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYvY8wADhPvA_AAz&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 10 Nov 2021 14:36:43 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
lhrpug014:0:315
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYvY8wADhPvA_AAz&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Wed, 10 Nov 2021 14:36:43 GMT
via
1.1 varnish
x-served-by
cache-fra19168-FRA
x-cache
HIT
x-cache-hits
0
x-timer
S1636555003.020526,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 8068
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGie07DF7IAACh6cQxlxg
42 B
214 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGie07DF7IAACh6cQxlxg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 10 Nov 2021 14:36:43 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug009:0:450
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Wed, 10 Nov 2021 14:36:43 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGie07DF7IAACh6cQxlxg
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 58A5
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 10 Nov 2021 14:36:43 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug003:2:327
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Wed, 10 Nov 2021 14:36:43 GMT
server
_
dpe
ad4m.at/ad/ Frame 9B38 		15 B
170 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 10 Nov 2021 14:36:43 GMT
content-type
text/plain; charset=utf-8
content-length
15
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ac003c2c9f3c2db-FRA
bridge
cm.adgrx.com/ Frame B05F 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Wed, 10 Nov 2021 14:36:43 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-7
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
simage2.pubmatic.com/AdServer/ Frame 65AF
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5437803960
  • https://sync.1rx.io/usersync/tradedesk/33550408-bd18-4c2e-af2d-417206d04e39
  • https://sync.targeting.unrulymedia.com/csync/RX-39d140a8-5cf1-4807-ae40-6ab0f2286b01-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-39d140a8-5cf1-4807-ae40-6ab0f2286b01-003
42 B
378 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-39d140a8-5cf1-4807-ae40-6ab0f2286b01-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 10 Nov 2021 14:36:43 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug019:0:470
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Wed, 10 Nov 2021 14:36:43 GMT
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-39d140a8-5cf1-4807-ae40-6ab0f2286b01-003
etag
RX39d140a85cf14807ae406ab0f2286b01003
Pug
image2.pubmatic.com/AdServer/ Frame E318
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=88XOl9wnxstqlRkUmmXAXy1M
42 B
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=88XOl9wnxstqlRkUmmXAXy1M
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 10 Nov 2021 14:36:43 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug019:0:405
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Wed, 10 Nov 2021 14:36:43 GMT
content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=88XOl9wnxstqlRkUmmXAXy1M
strict-transport-security
max-age=0; includeSubDomains;
Pug
simage2.pubmatic.com/AdServer/ Frame 5C21
Redirect Chain
  • https://core.iprom.net/cookiesync
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=58964153146762
42 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=58964153146762
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 10 Nov 2021 14:36:43 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug017:0:533
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Vary
Accept-Encoding
X-adserver-worker
komodo-b2d1da4abefd@version_1.344
Connection
close
X-server-arch
v2
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=58964153146762
Content-Type
text/html; charset=utf-8
Content-Length
277
X-core-time
0ms
Date
Wed, 10 Nov 2021 14:36:43 GMT
i.match
s.tribalfusion.com/z/ Frame 052E
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 10 Nov 2021 14:36:43 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ac003c21ad85c68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Wed, 10 Nov 2021 14:36:43 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
90
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ac003c108825c68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
141
match.deepintent.com/usersync/ Frame EA6C 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Wed, 10 Nov 2021 14:36:42 GMT
server
a
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 099C
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=148684ee-9d3b-4754-a0c0-c21df813735a-tuct8855e7b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=148684ee-9d3b-4754-a0c0-c21df813735a-tuct8855e7b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Wed, 10 Nov 2021 14:36:43 GMT
via
1.1 varnish
x-served-by
cache-fra19141-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1636555003.153087,VS0,VE8
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=148684ee-9d3b-4754-a0c0-c21df813735a-tuct8855e7b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Wed, 10 Nov 2021 14:36:43 GMT
via
1.1 varnish
x-served-by
cache-fra19152-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1636555003.100968,VS0,VE9
x-vcl-time-ms
9
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 396C
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=8F3145E21F714E699B5B0C69874CBA32
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=3ffafffe-9d3f-47cc-bfbc-3aa052675337
42 B
110 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=3ffafffe-9d3f-47cc-bfbc-3aa052675337
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 10 Nov 2021 14:36:43 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug010:0:735
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Wed, 10 Nov 2021 14:36:43 GMT
Content-Length
0
Connection
keep-alive
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=3ffafffe-9d3f-47cc-bfbc-3aa052675337
Pug
simage2.pubmatic.com/AdServer/ Frame 3CBA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:QeUOEAnb1MKOIn5&gdpr=0&gdpr_consent=
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:QeUOEAnb1MKOIn5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 10 Nov 2021 14:36:43 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug021:0:812
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Wed, 10 Nov 2021 14:36:42 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:QeUOEAnb1MKOIn5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-00eeed23208b59ecc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame A6D9
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8F3145E21F714E699B5B0C69874CBA32
1 B
69 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8F3145E21F714E699B5B0C69874CBA32
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 10 Nov 2021 14:36:43 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
lhrpug006:0:375
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Wed, 10 Nov 2021 14:36:43 GMT
content-type
text/html
content-length
138
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8F3145E21F714E699B5B0C69874CBA32
expires
Tue, 09 Nov 2021 14:36:43 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Pug
simage2.pubmatic.com/AdServer/ Frame C69C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MB3e2du3RDVgDP5wLbdDhqh3GcU
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MB3e2du3RDVgDP5wLbdDhqh3GcU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 10 Nov 2021 14:36:43 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug014:0:467
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Wed, 10 Nov 2021 14:36:43 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MB3e2du3RDVgDP5wLbdDhqh3GcU
Content-Length
159
Connection
keep-alive
Artemis
aud.pubmatic.com/AdServer/ Frame 9957
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2A4C2021-80DF-44D3-9139-A753695F86E7&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2A4C2021-80DF-44D3-9139-A753695F86E7&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2A4C2021-80DF-44D3-9139-A753695F86E7&addseg=19,36,42
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2A4C2021-80DF-44D3-9139-A753695F86E7&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:43 GMT
content-length
43
content-type
text/plain; charset=utf-8

Redirect headers

date
Wed, 10 Nov 2021 14:36:43 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2A4C2021-80DF-44D3-9139-A753695F86E7&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 9957
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=2A4C2021-80DF-44D3-9139-A753695F86E7&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=2A4C2021-80DF-44D3-9139-A753695F86E7&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=2A4C2021-80DF-44D3-9139-A753695F86E7&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
HTTP/1.1
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
frontend-id
11
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:41 GMT
frontend-id
6
location
/pubmatic/1/info2?sType=sync&sExtCookieId=2A4C2021-80DF-44D3-9139-A753695F86E7&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 9957 		95 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=2A4C2021-80DF-44D3-9139-A753695F86E7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6ac003c139a0692d-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 9957
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=2A4C2021-80DF-44D3-9139-A753695F86E7
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
HTTP/1.1
Server
52.86.83.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-83-177.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 10 Nov 2021 14:36:43 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 10 Nov 2021 14:36:43 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
2A4C2021-80DF-44D3-9139-A753695F86E7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9957 		43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/2A4C2021-80DF-44D3-9139-A753695F86E7?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:f879:a4cf:9cbb:9098 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:43 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 9957
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=75a85a4f-a6c4-4457-8d12-499170e0153b&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7e1f55f9-aa7c-42d9-8550-d757745cea49&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7e1f55f9-aa7c-42d9-8550-d757745cea49&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:614
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7e1f55f9-aa7c-42d9-8550-d757745cea49&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 10 Nov 2021 14:36:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 9957 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2A4C2021-80DF-44D3-9139-A753695F86E7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:43 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9957
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7430506455464492218&gdpr=0&gdpr_consent=&us_privacy=
1 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7430506455464492218&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:431
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7430506455464492218&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 9957
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:545
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:42 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9957
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:2a449ef7-a26e-442f-b5d0-38fe2ffca3be&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:2a449ef7-a26e-442f-b5d0-38fe2ffca3be&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:44 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:418
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:2a449ef7-a26e-442f-b5d0-38fe2ffca3be&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 10 Nov 2021 14:36:44 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 9957
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4777276572329354755
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4777276572329354755
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug021:0:420
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 10 Nov 2021 14:36:43 GMT
X-Proxy-Origin
168.119.25.197; 168.119.25.197; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ce91095b-97c7-43ca-9767-d81781efcc3e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4777276572329354755
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame 9957 		35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:43 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9957
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9fd1452b-4233-11ec-94b9-77ba70aac1fb&gdpr=0&gdpr_consent=
1 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9fd1452b-4233-11ec-94b9-77ba70aac1fb&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:661
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9fd1452b-4233-11ec-94b9-77ba70aac1fb&gdpr=0&gdpr_consent=
Date
Wed, 10 Nov 2021 14:36:43 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
9fd1452c-4233-11ec-94b9-77ba70aac1fb
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C27 		0
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYWX49diLYfKeNsyDjuwP3L-ukAcAAAAAOAHgBAI&bg=!TU6lTgrNAAYDGbPvAxk7ACkAdvg8WqY2dXFdAOfb9KnwJk5ZiwFe-Wf-pGjPMhX-TVUR9h4dMoEtPwIAAAThUgAAAD5oAQcKAG5KcUBwcdm_bPjZ0Q00UbhVWTFiWKbJniAsAAkx1bMhPMReA_EB3pCjv1HSjUKRBnFtjKcXKFkT9WKJSEQB62B9AEYvvouXOmeTdnA18WeZ-4byRpPNtHKY9-GXlFOZM2CGNBzNz2QwFP4Cj9JxlJkC_hFoNEDycEiUAwIDPc9S1MaCcPAm46QVAhNHRm-BM6ypNLC1gSMqpDpbD8CdsUQYq7tRbd0GwOk_kdKN7Mb9g7cFzsOhQLtqhOQrurFJq2luUiHaOrTos-f9jQVYWAm8KioubPRVAhLXBBBM6PD4BgqgjW-3QQxkU67NfN3pKZrEY_fujgdJ5fmtrdamTLc5N4YscbxIMBKtZeG2oGrgmXlFgnocADWdy00zKDDfUFOjlJimCtEAC7VIgmxjm7sklWpNBRPdy7P942NVRI0GBuLWM35E-mi9p6wjqf5E-2MvYg2KQGsqISuqWGsTknzWAUAAzARxjRzOapfu3k1q3VxugGRtMwW_Qp5UshHAf2oBkfMqEUpt_1Z52B4R6ZD3imZOuVZWRHXAk1_UuvVjok-ohicpFjQRbZPEISgKDI_oyPuV6xhgHG9_iH9dVeIJ8p7i6SD7ATrJMb_Uze-Vysk0Hmfsa_Txhy_-iZ6OLOio7YNgSx-q5i2Iu5YJLNdYCsVaH8g7FF6RseFmcoDOKuAI23xEn4idK-TrolK89yLrhRcv4sWkDA8_ghSMucPDTaRJ_7oVD8DHokWOfqvoabJFW41ZzTD2rQVE_hxYzGuX26c4VNX_Tr9UUz2N_jcodtGiTHAL-ksq5GPI5dryI0rXmdb76zRQ860AuCk77QYT4BeSsfgaDtHk1np1DAG75ZNd0bAanEZelZoHmKATG2fWb6nleA-DIOabw7KKeRPJdLcJ4LWxP68w_js8lAjNrRIGSM_f1qdINg9KMm7Odys79GBkOyMn4tnLSJNcQYfAQeEhdDjkE-pxKvUOXaV5W_giNChfhu8e2UZVXKyFdmzX3D6deNDqzQH-fy9uHSaS4NzGnukwQwlNmCqMGli5RefjgS7CqEvQLs538r9sUrctp5U8SSOYxS48NckZHYrvyE-qXsYwVX34gOy5R4_x5tflsQ2tACSu4TryIWbmPJCGK-ZnbXM4nAsYommqa4slm1Do_JiPXYeij6-F1Hs
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F50 		0
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bkyhr9tiLYYfHGoPu3wP8y5OICwAAAAA4AeAEAg&bg=!t7SltPDNAAYDGbPvAxk7ACkAdvg8WmAohiEhTBHEmAll9N19cPsGzApuR0QnBgOhf_4GuS6Ri5yOJgIAAARdUgAAAD5oAQcKAKYNuRSvpLLzEkF985tRtNh1w4IFG4HdcQjKEmavcmqVKFNSiZKJQKPACIJwjVtcliLY3VOloy0VS1waVo_Z3gUNXxmiheNkPLIN2uVDkdZywoog9Bt4zXmiKeWy3biRELk-h6HUDlk6ykFPepb1BGhbPatad23w6eKowCT7ic_RUQb01iePbqM3RQSGE4LwPtCE31HqEYODlnxBoXw12kCnKRReyG27mQLtk548PHKTJWdl9r1e4FGf8bR9Ml8M6l-aSaZayUXeANijwjQkyS8eVGZBjLxwGjOgciV-DQGlCSAKLOxA8xvaX0yU5hu6W3KoO6NHyPpXT7lYhzRXvAeZF5DT27gFMWHzFSSLFcXdKAEYXSMCRh3C2Wtuw62ZG3UpWIHJ3plHCjDncxqZw9yv4PSk3_to5cVXxLES0QICsu0ywjEqEw_7RQ8jaePGSjYGcGYnstuakeKZOzFwt3Iw4J9NM4N0nRVLTrCttmUH_Oay_8bmvf-GL7Q21GtVa-uPxVcBHZWYiFsZ1Cuy-SoVP8Cfb7fN3t-2feLz9UvIk65HJUyXwMmPaNWUdcVnpZTLi5HDr6ItVJH98rS705_xzxreK3kJH6wR_lswcnVrHTuvgmjALzgGf0bvMbKoh25HeWiUSX69x4oh3zAif-d4R6-b6tgOlOIOzDgwb2Xo85bXZfndabmyJyZRkLU0iW7tRzw8NDoR7X9H1zwyL6v8Gnno4ncbBrrUq7XlgAI-XmnDl1JbdA4iWFwJ1epnBWC4DFjbuToWkEEmEAZ2wL9IUPrqzEgpqWNMWvpr_MI38l-WzJvFR8NR-tQ6jYRTjsft433yUleXZRh11Pc6wlj-QGttvve7RjVkZqCjpqYm0fBC7xxTLzKRbjh_KtBTGTKGzqQ60LRb6ZEwKkieIxM1gTSVox8MYT30u-2hoxWoApgCtYlM8VsD68q2Y7jTvgT7tdzsb-6MwgA_zaJ2HamjFJ53LnqXDkbcZTiV4gI1zEKFPRv8hK65dNAXrQ7UiU2xOnyHn0NhdOnpZ8leq9inYLqNk8Z9FzKRpNd0llDmq_wY0wjZR_srP5GOkJdANGn1JQh1F-Cz6YUEdcnIMVOtFR0TyqWPvVd1lYmqEsq3uDkuXQFlAkjfCF3TR-sQtEZyesCOJBHWR2xoNhhrXhGymu1u1wi9HAvLdLEq3B_6Nxvq2qA74oGS1o8ramoNP37UbQoljcU
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/ 		136 KB
137 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
bcad1894d6fabb48473205ce8d27e7cf9a173165af7d8afed3ddd6f401d273b5

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=345732-485227

Response headers

Date
Wed, 10 Nov 2021 14:36:43 GMT
Content-Range
bytes 345732-485227/1981144
Connection
keep-alive
Content-Length
139496
X-Served-By
cache-wdc5532-WDC
Last-Modified
Mon, 28 Jun 2021 03:25:00 GMT
Server
cloudinary
X-Timer
S1627639608.764924,VS0,VE1
ETag
"01747df5a26ec8e97b412df85b952b70"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22642121
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://ans-wer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Wed, 10 Nov 2021 14:36:43 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
ads
pubads.g.doubleclick.net/gampad/ Frame BE71 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_ans_wer.com_3&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&cust_params=publisher_name%3Dans-wer.com&env=vp&correlator=2037922835736607&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t&vid_d&vid_kw&sdkv=h.3.488.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2565712659&sdk_apis=2%2C8&sid=97A4850D-36FE-43FB-AA5D-03D8377A91D7&nel=0&eid=44725356%2C44750823%2C44752711&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&dt=1636555003300&cookie=ID%3D72511adca22d020e%3AT%3D1636554992%3AS%3DALNI_MZnx8v04FlhG3gNOyaqoVNu7SUcpg&scor=1189186439485579&ged=ve4_td2_tt1_pd2_la2000_er8156.405.8309.705_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
27f75f4660d485e093c310ca0be8026a3e529f80776f0cc1b833993736d38572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
774
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame F70A 		156 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1249241947913208&sdkv=h.3.488.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=456591862&sdk_apis=2%2C8&sid=7E5EAAAA-BA50-42AB-95CB-5D451DB1A37C&nel=0&eid=31061774%2C44737475&top=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&dt=1636555003307&cookie=ID%3D72511adca22d020e%3AT%3D1636554992%3AS%3DALNI_MZnx8v04FlhG3gNOyaqoVNu7SUcpg&scor=915717820319512&ged=ve4_td2_tt1_pd2_la2000_er8156.405.8309.705_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 2F50 		1 KB
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_ans_wer.com_9&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&cust_params=publisher_name%3Dans-wer.com&env=vp&correlator=2534559776172388&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t&vid_d&vid_kw&sdkv=h.3.488.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2126610929&sdk_apis=2%2C8&sid=D1B0014D-E735-4162-9EB4-5689B78B74F0&nel=0&eid=44732022%2C44750820&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&dt=1636555003313&cookie=ID%3D72511adca22d020e%3AT%3D1636554992%3AS%3DALNI_MZnx8v04FlhG3gNOyaqoVNu7SUcpg&scor=4032566606321275&ged=ve4_td2_tt1_pd2_la2000_er8156.405.8309.705_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
aaa23517893b2223f3548d7ab497f8adda822196b4d59b480bcbf44a255308ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
771
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 907D 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_3&description_url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3918759982245223&sdkv=h.3.488.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3129911915&sdk_apis=2%2C8&sid=26D79AD2-F492-4615-9696-2AF0E325BAE8&nel=0&eid=44725355%2C44737473%2C44748808&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&dt=1636555003319&cookie=ID%3D72511adca22d020e%3AT%3D1636554992%3AS%3DALNI_MZnx8v04FlhG3gNOyaqoVNu7SUcpg&scor=3852304871975785&ged=ve4_td2_tt1_pd2_la2000_er8156.405.8309.705_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 0179 		1 KB
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_ans_wer.com_5&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&cust_params=publisher_name%3Dans-wer.com&env=vp&correlator=2651836562594614&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t&vid_d&vid_kw&sdkv=h.3.488.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=573039884&sdk_apis=2%2C8&sid=6670BE70-C766-4351-BD7B-32FC8283DDD5&nel=0&eid=44747319%2C44750822&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&dt=1636555003329&cookie=ID%3D72511adca22d020e%3AT%3D1636554992%3AS%3DALNI_MZnx8v04FlhG3gNOyaqoVNu7SUcpg&scor=259048239027597&ged=ve4_td2_tt1_pd2_la2000_er8156.405.8309.705_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e5c9b862df037796044de56c7c996a0af4ca4ffad00524ad3c02a2adfcfa0692
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
768
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/ 		241 KB
242 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
a16d2a461e2ad9664eac079012fcf19d254c7f7b9fcc720592fdd1fde8ad8a04

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=485228-732447

Response headers

Date
Wed, 10 Nov 2021 14:36:43 GMT
Content-Range
bytes 485228-732447/1981144
Connection
keep-alive
Content-Length
247220
X-Served-By
cache-wdc5532-WDC
Last-Modified
Mon, 28 Jun 2021 03:25:00 GMT
Server
cloudinary
X-Timer
S1627639608.764924,VS0,VE1
ETag
"01747df5a26ec8e97b412df85b952b70"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22642121
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://ans-wer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Wed, 10 Nov 2021 14:36:43 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://ans-wer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Wed, 10 Nov 2021 14:36:43 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/ 		192 KB
193 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
e41196faf04e73d27c3850b4874a8176201f841349c4842d9c3744b9c7312cc6

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=732448-929095

Response headers

Date
Wed, 10 Nov 2021 14:36:43 GMT
Content-Range
bytes 732448-929095/1981144
Connection
keep-alive
Content-Length
196648
X-Served-By
cache-wdc5532-WDC
Last-Modified
Mon, 28 Jun 2021 03:25:00 GMT
Server
cloudinary
X-Timer
S1627639608.764924,VS0,VE1
ETag
"01747df5a26ec8e97b412df85b952b70"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22642121
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/ 		228 KB
229 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
955a480bdc454ca648b7aca15c39ead692ea86a33356fcb5314426ea67a36c83

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=929096-1162779

Response headers

Date
Wed, 10 Nov 2021 14:36:43 GMT
Content-Range
bytes 929096-1162779/1981144
Connection
keep-alive
Content-Length
233684
X-Served-By
cache-wdc5532-WDC
Last-Modified
Mon, 28 Jun 2021 03:25:00 GMT
Server
cloudinary
X-Timer
S1627639608.764924,VS0,VE1
ETag
"01747df5a26ec8e97b412df85b952b70"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22642121
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://ans-wer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Wed, 10 Nov 2021 14:36:43 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=ans-wer.com&rs=ans-wer.com&sid=41698&t=1636555000&cip=168.119.25.197&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=483&he=272&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1636555000983-939322734563-005799-005-002202&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.85&cb=76837202237&cd1=4.95.3&cd4=e765f131-d353-433d-a3c8-d3de632e44c3&cd5=default&d9=1000&d37=realtime1&AV_WIDTH=483&AV_HEIGHT=272
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-232.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 10 Nov 2021 14:36:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ads
pubads.g.doubleclick.net/gampad/ Frame BE71 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_ans_wer.com_3&sz=400x300%7C640x400%7C640x480&cust_params=publisher_name%3Dans-wer.com&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1181461&min_ad_duration=0&max_ad_duration=30000&ppos=1&lip=true&sid=97A4850D-36FE-43FB-AA5D-03D8377A91D7&adk=2565712659&correlator=2037922835736607&dt=1636555003548&ged=ve4_td3_tt2_pd3_la3000_er8156.405.8428.888_vi0.0.1200.1600_vp0_ts1_eb16491&is_amp=0&npa=false&osd=2&scor=1189186439485579&sdk_apis=2%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&vis=1&u_so=l&eid=44725356%2C44750823%2C44752711&hl=en&frm=0&sdki=44d&sdkv=h.3.488.0&sdr=1&vid_kw&vid_t&nel=0&afvsz=200x200%2C450x50%2C468x60%2C480x70&kfa=0&tfcd=0&ctv=0&cookie=ID%3D72511adca22d020e%3AT%3D1636554992%3AS%3DALNI_MZnx8v04FlhG3gNOyaqoVNu7SUcpg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 0179 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_ans_wer.com_5&sz=400x300%7C640x400%7C640x480&cust_params=publisher_name%3Dans-wer.com&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1181461&min_ad_duration=0&max_ad_duration=30000&ppos=1&lip=true&sid=6670BE70-C766-4351-BD7B-32FC8283DDD5&adk=573039884&correlator=2651836562594614&dt=1636555003887&ged=ve4_td3_tt2_pd3_la3000_er8156.405.8428.888_vi0.0.1200.1600_vp0_ts1_eb16491&is_amp=0&npa=false&osd=2&scor=259048239027597&sdk_apis=2%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&vis=1&u_so=l&eid=44747319%2C44750822&hl=en&frm=0&sdki=44d&sdkv=h.3.488.0&sdr=1&vid_kw&vid_t&nel=0&afvsz=200x200%2C450x50%2C468x60%2C480x70&kfa=0&tfcd=0&ctv=0&cookie=ID%3D72511adca22d020e%3AT%3D1636554992%3AS%3DALNI_MZnx8v04FlhG3gNOyaqoVNu7SUcpg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
metrics
connect-metrics-collector.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 10 Nov 2021 14:36:44 GMT
content-length
0
vary
Origin
ads
pubads.g.doubleclick.net/gampad/ Frame 2F50 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_ans_wer.com_9&sz=400x300%7C640x400%7C640x480&cust_params=publisher_name%3Dans-wer.com&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1181461&min_ad_duration=0&max_ad_duration=30000&ppos=1&lip=true&sid=D1B0014D-E735-4162-9EB4-5689B78B74F0&adk=2126610929&correlator=2534559776172388&dt=1636555004174&ged=ve4_td3_tt2_pd3_la3000_er8156.405.8428.888_vi0.0.1200.1600_vp0_ts1_eb16491&is_amp=0&npa=false&osd=2&scor=4032566606321275&sdk_apis=2%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&vis=1&u_so=l&eid=44732022%2C44750820&hl=en&frm=0&sdki=44d&sdkv=h.3.488.0&sdr=1&vid_kw&vid_t&nel=0&afvsz=200x200%2C450x50%2C468x60%2C480x70&kfa=0&tfcd=0&ctv=0&cookie=ID%3D72511adca22d020e%3AT%3D1636554992%3AS%3DALNI_MZnx8v04FlhG3gNOyaqoVNu7SUcpg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
metrics
signal-metrics-collector-beta.s-onetag.com/ 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 10 Nov 2021 14:36:44 GMT
content-length
0
vary
Origin
events
prd-collector-anon.ex.co/main/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/ce4839bf-41af-4856-8109-093a8cf57061
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.219.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-219-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://ans-wer.com
date
Wed, 10 Nov 2021 14:36:45 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
atrack.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=playerLoaded&cb=1636555004580&cid=60d442d6d9a5011a64643848&VERSION=4.95.3&AV_PAGE_LOAD_UID=e765f131-d353-433d-a3c8-d3de632e44c3&AV_CDIM4=e765f131-d353-433d-a3c8-d3de632e44c3&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.89.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-89-2.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:45 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame 9957 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158901&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
user
ads3.admatic.com.tr/ Frame 1F44
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=admatic&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=33550408-bd18-4c2e-af2d-417206d04e39&expires=30&ssp=admatic&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
35 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:45 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:45 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
user
ads3.admatic.com.tr/ Frame 1F44
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=7e1f55f9-aa7c-42d9-8550-d757745cea49
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=7e1f55f9-aa7c-42d9-8550-d757745cea49
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=9b7038f5-2a1d-4f3f-8654-a953b7338249&ssp=admatic&expires=30&user_group=5&bsw_param=7e1f55f9-aa7c-42d9-8550-d757745cea49
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
35 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:45 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:45 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/ 		251 KB
252 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
065b9ce71bf3d6a8704ef8ff60ad8d73428a6dc173ca96c5d6ee14ecf2ce8884

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=1162780-1419963

Response headers

Date
Wed, 10 Nov 2021 14:36:46 GMT
Content-Range
bytes 1162780-1419963/1981144
Connection
keep-alive
Content-Length
257184
X-Served-By
cache-wdc5532-WDC
Last-Modified
Mon, 28 Jun 2021 03:25:00 GMT
Server
cloudinary
X-Timer
S1627639608.764924,VS0,VE1
ETag
"01747df5a26ec8e97b412df85b952b70"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22642118
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://ans-wer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Wed, 10 Nov 2021 14:36:46 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=ans-wer.com&rs=ans-wer.com&sid=41698&t=1636555000&cip=168.119.25.197&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=483&he=272&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1636555000983-939322734563-005799-005-002202&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.85&cb=76837202237&cd1=4.95.3&cd4=e765f131-d353-433d-a3c8-d3de632e44c3&cd5=default&d9=1000&d37=realtime1&AV_WIDTH=483&AV_HEIGHT=272
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-232.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 10 Nov 2021 14:36:49 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTYmNwU1NDx5MvZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA3ODUlJaN0YT0jJat9NwAjJax9NDEjJaZcZF9jYXNmRG9gYWyhPWFhpl13ZXIhY29gJaN1YxyxPWFhpl13ZXIhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzqXNypxyjQWRxpw0kNwthMTE5LwI1LwE5NlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxY5NS4jLwQ2MmthNTQyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYkOGJxOGYjYwRwZDxzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZHVlPTp5MvZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwM2NTU1MDA4OTt4JaVcZD1TZWgcozRiU1BfYXyypwYkOGJxOGYjZTVzMmUzpHVvVXJfPWu0qHBmJTNBJTJGJTJGYW5mLXqypv5wo20yMxZupzF6o3UgYzFeZXIgY2yhZGVlZWkfYS1lo2kyLWFhZC1coaN0YWqlYW0zZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:49 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
vast2
tag.targeting.unrulymedia.com/rmp/234705/0/ 		168 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/234705/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&w=483&h=272&cbb=6555009440
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:49 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://ans-wer.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/236693/0/ 		168 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/236693/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&w=483&h=272&cbb=6555009441
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:49 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://ans-wer.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
ac
www9.smartadserver.com/ 		129 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=768372022372858714&pgdomain=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&vph=272&vpw=483&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=6555009441
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:49 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked
ac
www9.smartadserver.com/ 		129 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=768372022372858715&pgdomain=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&vph=272&vpw=483&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=6555009441
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:49 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked
vast2
tag.targeting.unrulymedia.com/rmp/216513/0/ 		168 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/216513/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&w=483&h=272&cbb=6555009442
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:49 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://ans-wer.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=ans-wer.com&rs=ans-wer.com&sid=41698&t=1636555000&cip=168.119.25.197&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=483&he=272&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1636555000983-939322734563-005799-005-002202&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.85&cb=76837202237&cd1=4.95.3&cd4=e765f131-d353-433d-a3c8-d3de632e44c3&cd5=default&d9=1000&d37=realtime1&AV_WIDTH=483&AV_HEIGHT=272&nid=56ea678d181f46c76f8b45fb&ncid=60d442d6d9a5011a64643848&e=request&cb=1636555009443&asid=60c60c3b1731ed2b383f0908%2C5e1b272e28a06142643c20cd%2C6112a980827c476d02686ca4%2C5b30e37c073ef468ec3ca049%2C60ebfe94ebe867570438e997%2C60254e56dcfb6a082e596646%2C6061efdbb7a06416cc5b4805%2C60254eaaea2c62223814f756%2C5ff1826de52e2f2dd148e0f4%2C5fbe5add3443ef680f0480d7%2C5eae8e6f8ba53f19af36ed1c&ofpr=%2C3%2C%2C%2C%2C%2C2%2C1%2C3.5%2C%2C3&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-232.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:49 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
v1
prg.smartadserver.com/prebid/ 		171 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:49 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
mvo
tag.1rx.io/rmp/217532/0/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/217532/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:49 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
avjp
playbuzzltd-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://playbuzzltd-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=31c60b7f-817f-4543-8b4b-3f87d617f372&nocache=1636555009450&id5id=0&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A483%2C%22h%22%3A272%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=544001351&vwd=483&vht=272&aumfs=2000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:49 GMT
via
1.1 google
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ans-wer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:49 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ans-wer.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
mvo
tag.1rx.io/rmp/203144/0/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/203144/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ans-wer.com
pragma
no-cache
date
Wed, 10 Nov 2021 14:36:49 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
track
atrack.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M18&cb=1636555009599&cid=60d442d6d9a5011a64643848&VERSION=4.95.3&AV_PAGE_LOAD_UID=e765f131-d353-433d-a3c8-d3de632e44c3&AV_CDIM4=e765f131-d353-433d-a3c8-d3de632e44c3&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.89.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-89-2.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:50 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=ans-wer.com&rs=ans-wer.com&sid=41698&t=1636555000&cip=168.119.25.197&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=483&he=272&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1636555000983-939322734563-005799-005-002202&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.85&cb=76837202237&cd1=4.95.3&cd4=e765f131-d353-433d-a3c8-d3de632e44c3&cd5=default&d9=1000&d37=realtime1&AV_WIDTH=483&AV_HEIGHT=272&nid=56ea678d181f46c76f8b45fb&ncid=60d442d6d9a5011a64643848&e=bid&cb=1636555009639&asid=60ebfe94ebe867570438e997&ofpr=&fpo=
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-193-232.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:50 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame A346 		368 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
013642abc6eb7dace2707aec3f8dae8d884cc284951ace55bb737bfde43f687a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125099
x-xss-protection
0
expires
Wed, 10 Nov 2021 14:36:50 GMT
bridge3.488.0_en.html
imasdk.googleapis.com/js/core/ Frame 84A7 		580 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485dd675dc980f01a4098246606a0cb2408c33437b73ed4236da6a3d248327e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194718
date
Fri, 05 Nov 2021 21:20:07 GMT
expires
Sat, 05 Nov 2022 21:20:07 GMT
last-modified
Fri, 05 Nov 2021 21:15:14 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
407803
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame A346 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Nov 2021 14:36:50 GMT
integrator.js
adservice.google.com/adsid/ Frame A346 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ans-wer.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3A86 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ans-wer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1289
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 10 Nov 2021 15:15:21 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 84A7 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_3&description_url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3008064285539641&sdkv=h.3.488.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2565712659&sdk_apis=2%2C8&sid=F69D7E65-B46F-4D71-9689-DC2C861E2058&nel=0&eid=44747319&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&dt=1636555010095&cookie=ID%3D72511adca22d020e%3AT%3D1636554992%3AS%3DALNI_MZnx8v04FlhG3gNOyaqoVNu7SUcpg&scor=1454976730554792&ged=ve4_td0_tt0_pd0_la0_er8156.405.8309.705_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIzKzKuYKO9AIVl_p3Ch04fwVLEAEYACDCv9lJ;met=1;&timestamp=1636555010191;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 622E 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzKzKuYKO9AIVl_p3Ch04fwVLEAEYACDCv9lJ;met=1;&timestamp=1636555010191;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/ 		147 KB
148 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
39e216818ab2b52d46f639d13ee412e1abafee9574df6760fea0fde6a0b4ea24

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=1419964-1570739

Response headers

Date
Wed, 10 Nov 2021 14:36:50 GMT
Content-Range
bytes 1419964-1570739/1981144
Connection
keep-alive
Content-Length
150776
X-Served-By
cache-wdc5532-WDC
Last-Modified
Mon, 28 Jun 2021 03:25:00 GMT
Server
cloudinary
X-Timer
S1627639608.764924,VS0,VE1
ETag
"01747df5a26ec8e97b412df85b952b70"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22642114
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://ans-wer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Wed, 10 Nov 2021 14:36:50 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
user
ads3.admatic.com.tr/ Frame 1F44
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadmatic%26bsw_param%...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=eb3ffc5441354ead98965144c21a57cf&ssp=admatic&bsw_param=7e1f55f9-aa7c-42d9-8550-d757745cea49&gdpr=&consent=&gdpr_pd=&expires=7
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
35 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:36:50 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 14:36:50 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=7e1f55f9-aa7c-42d9-8550-d757745cea49&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
dc_oe=ChMIsu23uoKO9AIVzIGDBx3cnwtyEAAYACD15MlMQhMIxJ_uuYKO9AIVlNJ3Ch103ALX;met=1;&timestamp=1636555010825;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame C263 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsu23uoKO9AIVzIGDBx3cnwtyEAAYACD15MlMQhMIxJ_uuYKO9AIVlNJ3Ch103ALX;met=1;&timestamp=1636555010825;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: ans-wer.com
URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 14:36:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://ans-wer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Wed, 10 Nov 2021 14:36:54 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/ 		251 KB
252 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1624850681/landscaped8c61080-a6b9-476f-9637-e9165001df93_1624849185434.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
71c5fc9a061a07930f6d11f6bc5187b817a519274492bf0dd512c841e94a19b7

Request headers

Referer
https://ans-wer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=1570740-1827735

Response headers

Date
Wed, 10 Nov 2021 14:36:54 GMT
Content-Range
bytes 1570740-1827735/1981144
Connection
keep-alive
Content-Length
256996
X-Served-By
cache-wdc5532-WDC
Last-Modified
Mon, 28 Jun 2021 03:25:00 GMT
Server
cloudinary
X-Timer
S1627639608.764924,VS0,VE1
ETag
"01747df5a26ec8e97b412df85b952b70"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22642110
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
track
track1.aniview.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=EOA0VHTlN7sWT0ZE90fa&pi=admatic&tc=1
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?redir=
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=8e764321958a4acab0c667c0d20c11d8
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=314221&extuid=BljNYtjafH6gVLTPH9c3BOga6HkGAub5WHIxqB-eAP0VF2HiIYkMo7lZRqojVF6PQwJtNlRHyAcCgC7cncHsxg
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
protected-by.clarium.io
URL
https://protected-by.clarium.io/log
Domain
protected-by.clarium.io
URL
https://protected-by.clarium.io/log
Domain
protected-by.clarium.io
URL
https://protected-by.clarium.io/log
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsslGii4_iW7hVgDXHqknsp-QvKO_ORqC1lNIiQAVSnJSZv4tA6nVnM56J8aZMk4nq7a5vjYA2Pexw49f9tV0NhScicd5sx1Ng_Dg20_YsDHwa9KjoYx8g&sai=AMfl-YS5h61U30RU8SBRo-55xCsmJgtQT1DkfX5zbq9QvucHN86a68mGRg_2_4KcFMa7eEW3mXtZet0yTwWurzwCjmF2xeMYwMplIvvZ-QME5OEYdHbFpS0CM7eEcl0&sig=Cg0ArKJSzCqTlL1eg3C0EAE&cid=CAASEuRoOuk-MBYoNRfpow7MzgQi_Q&id=lidartos&mcvt=0&p=4789,620,5039,920&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211108&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=20&adk=687570588&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1636554995730&rpt=2036&isd=0&lsd=0&ec=0&met=ce&wmsd=0
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=494279&dpuuid=ID5-ZHMOZvdHj4twhNFN5lnLzPosOk74mZYWYgsBbmP6qQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F340%2F2%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuaNacHAe-E1yzAAGSo2BBlTLAkCPB64AVZAOYmnh1tafGvNyjfV9xrGEul1w1aKh1hnwCFY_5-QYw0sE7vhWOUG1RVoeDRLAxZY1cmEGRA9GCyRfdkkA&sai=AMfl-YTRu17K56y-VVgRsRxt9ASYnydPFQkGtgTXiBBJF_xLVE4VcaSuG5sL8KyxNAdJAyMBYJTj6bdeCBI1L1wZAcS0Gd_sg6XdHHDGYddmavPqBXAKZ441EPsnm5U&sig=Cg0ArKJSzNnBjMwjObK3EAE&cid=CAASEuRoTnyU6u6vW9-gDXy6orIW9Q&id=lidartos&mcvt=0&p=5960,620,6210,920&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211108&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=20&adk=687570587&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1636554995774&rpt=2104&isd=0&lsd=0&ec=0&met=ce&wmsd=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcCL5G7g_6BxdWdv7y7OgT62GomP1efKp0_nDuQ9bAc0UahvD54kLMrB2xsvBqcOVMVq_0kqmmew6PUUsaJdb6AwRUI9c6HoFWi3rd-Ko4zniDl48Whg&sai=AMfl-YRlLM5--2irOnjjXWqR0VhfnHF_NxwguIXZRT4mRRAvRSp0JlTM8m0V-UaqXg_Wzc9_soljg_FAAoWsMHzJqgAOKj0dcSIfzILqZYxNjrV-0YWKd0HW-k-F9gI&sig=Cg0ArKJSzGo5Z_mB-NtWEAE&cid=CAASEuRoXaQakTbnhYOfO4s2C6Q28g&id=lidartos&mcvt=0&p=6380,620,6630,920&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211108&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=20&adk=687570586&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1636554995808&rpt=2019&isd=0&lsd=0&ec=0&met=ce&wmsd=0
Domain
protected-by.clarium.io
URL
https://protected-by.clarium.io/log
Domain
protected-by.clarium.io
URL
https://protected-by.clarium.io/log
Domain
protected-by.clarium.io
URL
https://protected-by.clarium.io/log
Domain
pixel.quantserve.com
URL
https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
Domain
pixel.quantserve.com
URL
https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
Domain
pixel.quantserve.com
URL
https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
Domain
pixel.quantserve.com
URL
https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
Domain
pixel.quantserve.com
URL
https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
Domain
pixel.quantserve.com
URL
https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
Domain
pixel.quantserve.com
URL
https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
Domain
track1.aniview.com
URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=ans-wer.com&rs=ans-wer.com&sid=41698&t=1636555000&cip=168.119.25.197&sn=&tgt=0&osv=10&bv=95.0&brn=Chrome&wi=483&he=272&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1636555000983-939322734563-005799-005-002202&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.85&cb=76837202237&cd1=4.95.3&cd4=e765f131-d353-433d-a3c8-d3de632e44c3&cd5=default&d9=1000&d37=realtime1&AV_WIDTH=483&AV_HEIGHT=272

Verdicts & Comments Add Verdict or Comment

239 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| 43 object| 44 object| 45 object| 46 object| 47 object| 48 object| 49 object| 50 object| 51 object| 52 object| 53 object| 54 object| 55 object| 56 object| 57 object| 58 object| 59 object| 60 object| 61 object| 62 object| 63 object| 64 object| 65 object| 66 object| 67 object| 68 object| 69 object| 70 object| 71 object| 72 object| 73 object| 74 object| 75 object| 76 object| 77 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| $MMT function| confiantWrap string| speed boolean| loaded function| mainrun function| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| ifvisible function| inView object| apstag function| bret function| cash function| pagespeed function| gtag object| dataLayer function| ShowMenu function| HideMenu object| adsbygoogle object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent504 object| __twttrll object| twttr object| __twttr object| a0_0x433e function| a0_0x3d7e object| __s object| instgrm object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint object| google_tag_data string| GoogleAnalyticsObject function| ga function| LoadInstagramScriptOnLoad function| isElementInViewport function| getAjaxMetaInfo function| loadNextPostData function| loadRelatedPosts function| saveAjaxPostDataInSession function| getSessionData function| setNormalPostMetaInfo function| updateAddress function| setMetaInfoUrl function| setNextPostUrl function| getRelatedPostRequestUrl function| RemovePostSession function| displayLoadMore function| hideLoadMore function| GoogleAnalyticsUpdater object| __CF$cv$params object| confiant object| googletag string| ggv2id function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData function| onYouTubeIframeAPIReady object| _mgIntExchangeNews object| MarketGidInfC1153326 function| MarketGidCContextBlock1153326 function| MarketGidCMainBlock1153326 function| MarketGidCInternalExchangeBlock1153326 function| MarketGidCRejectBlock1153326 function| MarketGidCCriteoBlock1153326 function| MarketGidCInternalExchangeLoggerBlock1153326 function| MarketGidCObserverBlock1153326 function| MarketGidCSendDimensionsBlock1153326 function| MarketGidCRtbBlock1153326 function| MarketGidCTestContentBlock1153326 function| MarketGidCContentPreviewBlock1153326 function| MarketGidCResponsiveBlock1153326 boolean| mg_loaded_128337_1153326 boolean| sekindoFlowingPlayerOn object| headertag object| __connect boolean| apstagLOADED object| regeneratorRuntime object| core function| setImmediate function| clearImmediate object| ats function| xDomainCookie object| ggevents undefined| bean object| GUMGUM boolean| creativeVendorLibraryLoaded object| tiktokEmbed object| onClickExcludes function| mgReject1153326 function| mgLoadAds1153326_0a5f0 function| MarketGidCReject1153326 function| MarketGidLoadGoods1153326_0a5f0 function| mgReject1153333 function| mgLoadAds1153333_0a5f0 function| MarketGidCReject1153333 function| MarketGidLoadGoods1153333_0a5f0 object| _mgq function| _mgqp number| _mgqt number| _mgqi string| _mgCanonicalUri boolean| _mgPageViewEndPoint128337 string| _mgPvid boolean| _mgPageView128337 boolean| isPxlSent object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| LoadCriteoAllPlaces1153326_0a5f0 boolean| i.js.loaded boolean| i-noref.js.loaded object| confiantRefreshSlots object| com object| STREAM_CONFIGS string| STREAM_ID string| __EXCO_INTEGRATION_TYPE function| _avcp object| __EXCO string| pbPageIdentifier function| av_sciv_hndlr1636555000140 object| storageAni function| Hls object| ggData object| closure_lm_137533 object| closure_lm_533168 object| closure_lm_622952 object| closure_lm_127730 object| closure_lm_526127

208 Cookies

Domain/Path Name / Value
.mgid.com/ Name: __cf_bm
Value: bqGpi9PE92l.aE3gq42RWuoHUh_uDpBX5aRvyqqhgig-1636554992-0-AbxS3VslW0oxXQss6RAwn08aSx8sQP2EqmHuR6GztOa5geQ4Rq/GkAXoMVp9CyExkMQ/ZPm7PoIc+wO1OaKsf/I=
.youtube.com/ Name: YSC
Value: wd9gl59h4ZE
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: qQHSrCB0Xjw
.ans-wer.com/ Name: _gid
Value: GA1.2.1951610078.1636554993
.ans-wer.com/ Name: _gat_gtag_UA_8062131_3
Value: 1
.ans-wer.com/ Name: _gat_gtag_UA_206380970_1
Value: 1
.ans-wer.com/ Name: _ga_RTJ3RJN3F8
Value: GS1.1.1636554992.1.0.1636554992.0
.ans-wer.com/ Name: _ga
Value: GA1.1.957726249.1636554993
.ans-wer.com/ Name: __cf_bm
Value: FeXjgp1zyZnMJoynlIbqqGhHZyNhM5bOLIpBvs4zPfI-1636554993-0-ASZMp9gYd16kyP3yCzZU74fkUIlyLrEDrqmiWasQv5zN/aiEny87iAdNoZaw8FGbO0yJrtNtSm9Z6axaa88bGo+Kz1ogzwefEhPTqaj+hpEbjXvCC0I+CgpVyE/8dRWzeA==
.openx.net/ Name: i
Value: 86b811ba-bef4-4e6a-88c7-b789555b543c|1636554993
.casalemedia.com/ Name: CMID
Value: YYvY8QGE8OpYyuYAqwdzdQAA
.casalemedia.com/ Name: CMPS
Value: 5209
.spotxchange.com/ Name: audience
Value: 99e42651-4233-11ec-9c19-197e22df0506
.adnxs.com/ Name: uuid2
Value: 4777276572329354755
.adsrvr.org/ Name: TDID
Value: 33550408-bd18-4c2e-af2d-417206d04e39
.casalemedia.com/ Name: CMPRO
Value: 1160
.doubleclick.net/ Name: IDE
Value: AHWqTUk73195cc2KS7xAp2tnLUElpJbkJxNpAwqOCywZheoFv4SYfHugxZc2U9zzKDA
ans-wer.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.creativecdn.com/ Name: u
Value: EOA0VHTlN7sWT0ZE90fa
.creativecdn.com/ Name: ts
Value: 1636554994
ans-wer.com/ Name: session
Value: 34d3c603-2eb3-4b41-87c1-3a358e92dc9e
ans-wer.com/ Name: _lr_geo_location
Value: DE
.adscale.de/ Name: uu
Value: 8e764321958a4acab0c667c0d20c11d8
.agkn.com/ Name: ab
Value: 0001%3ApbB0jEKvi8Graf%2Bvl6KoODwOn0z%2FyB7u
.agkn.com/ Name: u
Value: C|0CEApHpVyKR6VcgAAAAAAAQ13AQCAAQpAAAAAAA
.mookie1.com/ Name: id
Value: 10815324137626982527
.mookie1.com/ Name: mdata
Value: 1|10815324137626982527|1636554994777
.mookie1.com/ Name: ov
Value: 10cf67b598a6b224915d6f0c8fed8668
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 2A4C2021-80DF-44D3-9139-A753695F86E7
.ads3.admatic.com.tr/ Name: ARRAffinity
Value: 5cd954eb54859a62355d68180fae9f1a594237dad0b93ebb7a83a9787ee34388
.doubleclick.net/ Name: DSID
Value: NO_DATA
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.go.sonobi.com/ Name: HAPLB5A
Value: s569|YYvY9
.addthis.com/ Name: na_id
Value: 2021111014363500065207224878
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 618bd8f340111149
.addthis.com/ Name: ouid
Value: 618bd8f300011ce634fff95d00f3efc7bc16484462035bcdc70e
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20211110
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlPt4unIug7NGHTHprMos3ZuqTBxlXamrm845wFyC1nEdJe_i0vbL1iSxv_BAMOjyAWXcU5g4XObNUfgtsx6P2hY7LEeTvlMuIM
.gumgum.com/ Name: vst
Value: e_45f452da-b2f5-4e31-813d-e9f666ccb7ab
.ibillboard.com/ Name: ibbid
Value: BBID-01-03112689953354196-16442748
.advertising.com/ Name: APID
Value: UP9b0a1fd4-4233-11ec-9c8c-06f28f52458a
.yahoo.com/ Name: A3
Value: d=AQABBPPYi2ECEG7YPAHX-AM1CcWMygx6KKIFEgEBAQEqjWGVYQAAAAAA_eMAAA&S=AQAAAuZViwZrJPtC_I0EK6WB54g
.mathtag.com/ Name: uuid
Value: d89f618b-d8f3-4600-8acc-223fc44e81b7
.yahoo.com/ Name: APID
Value: UP9b0a1fd4-4233-11ec-9c8c-06f28f52458a
.yahoo.com/ Name: APIDTS
Value: 1636554995
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YYvY8wADhPvA_AAz
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 1005411107955032424
.mgid.com/ Name: muidn
Value: laazBrIQ0lA6
.criteo.com/ Name: uid
Value: dde55b03-0936-408c-b2f7-67df16eec374
.bidswitch.net/ Name: tuuid
Value: 7e1f55f9-aa7c-42d9-8550-d757745cea49
.bidswitch.net/ Name: c
Value: 1636554995
.bidswitch.net/ Name: tuuid_lu
Value: 1636554995
.adscale.de/ Name: cct
Value: 1636554995917
servicer.mgid.com/ Name: __mglb
Value: b77c90ace61932b85ead847cc0fcb78b
.ans-wer.com/ Name: __gads
Value: ID=72511adca22d020e:T=1636554992:S=ALNI_MZnx8v04FlhG3gNOyaqoVNu7SUcpg
.adnxs.com/ Name: icu
Value: ChgIqKlxEAoYASABKAEw87GvjAY4AUABSAEQ87GvjAYYAA..
.m6r.eu/ Name: test
Value: true
.ads4.admatic.com.tr/ Name: ARRAffinity
Value: fa5daac7cfa2d8877291e71c22de6de60d613a0b5589a9f0a0536195cfb9a249
.m6r.eu/ Name: cct
Value: 1636554996262
.m6r.eu/ Name: id
Value: 182b6e0465439784c56d0eab985d5c45
.ih.adscale.de/ Name: tu
Value: 4#2494282963#48~182b6e0465439784c56d0eab985d5c45~454598~0~0#101~BBID-01-03112689953354196-16442748~454598~0~0#39~d89f618b-d8f3-4600-8acc-223fc44e81b7~454598~0~0#40~dde55b03-0936-408c-b2f7-67df16eec374~454598~0~0#42~1005411107955032424~454598~0~0#75~4777276572329354755~454598~0~0#108~d89f618b-d8f3-4600-8acc-223fc44e81b7~454598~0~0#63~YYvY8QGE8OpYyuYAqwdzdQAA&1160~454598~0~0
ans-wer.com/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1153326%22%3A%7B%22page%22%3A1%2C%22time%22%3A1636554996510%7D%7D
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In<sa$k(!]tbPl1M>e)ZlrFUfJ+tGXxoTK$Yd=D[82C_#s[PEXH3j<YA9!c?2C`q`1<3*bpRz*qF1`*ba^.*Rth^
.adfarm1.adition.com/ Name: UserID1
Value: 7028950190242595175
ans-wer.com/ Name: _lr_retry_request
Value: true
ans-wer.com/ Name: _lr_env_src_ats
Value: false
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: id5
Value: a1102073-8886-4c83-9300-21d5358e4ef8#1636554998848#1
.id5-sync.com/ Name: callback
Value:
.zeotap.com/ Name: zc
Value: 6f961e2c-0bb5-4cf9-5b72-7fcf4f1e3df4
.e-volution.ai/ Name: v_usr
Value: d0bff21f-e873-4e9f-9890-805107570240
.idealmedia.io/ Name: muidn
Value: laazBrIQ0lA6
.lentainform.com/ Name: muidn
Value: laazBrIQ0lA6
.360yield.com/ Name: tuuid
Value: e655f21b-811b-499c-b1de-37ff6ab6a350
.360yield.com/ Name: tuuid_lu
Value: 1636554998
.adfarm1.adition.com/ Name: lv_4799962
Value: w=4699120|t=1636554998
ans-wer.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%2233550408-bd18-4c2e-af2d-417206d04e39%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-10-10T14%3A36%3A38%22%7D
.sharethrough.com/ Name: stx_user_id
Value: a8274030-5e57-45bc-8f6f-79fc0c5a1305
.erne.co/ Name: u
Value: 88XOl9wnxstqlRkUmmXAXy1M
.smartadserver.com/ Name: pid
Value: 1045131238910643293
.mfadsrvr.com/ Name: tuuid
Value: 5600a26d-87f0-4892-ad2c-549534a949f8
.mfadsrvr.com/ Name: c
Value: 1636554999
.mfadsrvr.com/ Name: tuuid_lu
Value: 1636554999
ans-wer.com/ Name: exco-uid
Value: zi7fsoecgnc5f0li
.w55c.net/ Name: wfivefivec
Value: QeUOEAnb1MKOIn5
.mfadsrvr.com/ Name: ssh
Value: !mgid,1636554999
.mrpdata.net/ Name: U
Value: 1e8a8b85-23e2-f041-7b55-1e621ff1ae93
.simpli.fi/ Name: suid
Value: 8F3145E21F714E699B5B0C69874CBA32
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0NjExNTUxtDQxNLC0BHIthfgMdXWDAr3M4s2S4gvD46V4Dc2MzYBqLC0tLQwMAI_V-PI0AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0NjExNTUxtDQxNLC0BHIthfgMdXWDAr3M4s2S4gvD4wFNbdqNJQAAAA
.justpremium.com/ Name: jpxumatched
Value: ox
.justpremium.com/ Name: jpxumaster
Value: um-84d58970-e39b-4f01-8cc5-ad59a67f3367-1636555000
.turn.com/ Name: uid
Value: 7430506455464492218
.rqtrk.eu/ Name: browser_id
Value: 1:19286cd2-e68e-44ef-a5e1-9e232c46b7df
ads.avct.cloud/ Name: uuid
Value: d532da7e-8a78-4d44-ba06-01bbe3e2ba03
.w55c.net/ Name: matchopenx
Value: 5
.mookie1.com/ Name: syncdata_IOW
Value: 1
.mrpdata.net/ Name: DNT
Value: 00000000-0000-0000-0000-000000000000
.360yield.com/ Name: um
Value: !79,WQ-pLI9MvzsXRNolQToOgGocYpgWpGfiE..3aHtc7lwJdCfWr5rrjaX6HJUT4ge4UF4iXP.MaXX3iD2j,1644331000!313,WQ-pLNoCHLjZGKrNX0AHbg6MUxkbalElNokz.xnSXMATsZruIkeDKUoe6HZQhm4aLLp8L.nvePxm.YFy,1644330999
.360yield.com/ Name: umeh
Value: !79,0,1698763000,-1!313,0,1698762999,-1
cm.mgid.com/ Name: mg_sync
Value: {"265689":1636554998,"287839":1636555000,"341189":1636554998,"363887":1636554998,"371158":1636554999,"433145":1636554999,"433146":1636554998,"516418":1636554998,"549534":1636554998,"665953":1636554999}
.adfarm1.adition.com/ Name: lv_4709716
Value: w=4603449|t=1636554999
.bidr.io/ Name: bitoIsSecure
Value: ok
.tapad.com/ Name: TapAd_TS
Value: 1636555000355
.tapad.com/ Name: TapAd_DID
Value: 40136134-9f29-4cd3-8275-e7b25860b03e
.bidr.io/ Name: bito
Value: AAGie07DF7IAACh6cQxlxg
.bfmio.com/ Name: __106_cid
Value: 33550408-bd18-4c2e-af2d-417206d04e39
.bfmio.com/ Name: __bfio_sync
Value: E1E944DBBB7F9A4EDB9379BD899AEFDB
.bfmio.com/ Name: __io_cid
Value: 33550408-bd18-4c2e-af2d-417206d04e39
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.analytics.yahoo.com/ Name: IDSYNC
Value: "187s~21ge:18z8~21ge"
.de17a.com/ Name: guid2
Value: 1.6153006215413666020
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7028950190242595175
.onaudience.com/ Name: done_redirects104
Value: 1
.onaudience.com/ Name: done_redirects161
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-6153006215413666020
.sportradarserving.com/ Name: zuuid
Value: de6d7130-c237-42df-b4e9-b82e73abad79
.sportradarserving.com/ Name: c
Value: 1636555000
.sportradarserving.com/ Name: zuuid_lu
Value: 1636555000
.onaudience.com/ Name: cookie
Value: 4550fe3a86008e7a
.mookie1.com/ Name: syncdata_TAP
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4777276572329354755
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:d89f618b-d8f3-4600-8acc-223fc44e81b7&KRTB&16736-uid:d89f618b-d8f3-4600-8acc-223fc44e81b7&KRTB&23019-uid:d89f618b-d8f3-4600-8acc-223fc44e81b7&KRTB&23114-uid:d89f618b-d8f3-4600-8acc-223fc44e81b7
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEE2n0WF0C_OvY5JF2XM82qA&KRTB&16514-CAESEE2n0WF0C_OvY5JF2XM82qA&KRTB&23025-CAESEE2n0WF0C_OvY5JF2XM82qA
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1005411107955032424&KRTB&23263-1005411107955032424
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-33550408-bd18-4c2e-af2d-417206d04e39&KRTB&22918-33550408-bd18-4c2e-af2d-417206d04e39&KRTB&23031-33550408-bd18-4c2e-af2d-417206d04e39
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1636555000
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAGie07DF7IAACh6cQxlxg
.exelator.com/ Name: EE
Value: "5067b044a5fdb99b07a9b0b64e8178c1"
.eqads.com/ Name: EQUser
Value: UID=24292447-4ba9-4969-8309-a2ce7fd3bf2d
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHUwMw8ycDEJNE0LSXJ0jLJwDwRSCSZmaRaGJpbJBsuLkstWrC0tDg1JenQkoqckpym1WXxoY7xbo6%252Bnj6Ry5wzivJzU1eAhcJcgxZZmi7JL8pMX%252BTiurgoJY1hUUnxqeB9rSoAbNIpow%253D%253D"
.mookie1.com/ Name: syncdata_NEU
Value: 1
.aniview.com/ Name: aniC
Value: 1636555000983-939322734563-005799-005-002202
.volvelle.tech/ Name: ouuid
Value: 0122f085-b10c-42c0-a3c6-ce5b1898f89c
.volvelle.tech/ Name: c
Value: 1636555001
.volvelle.tech/ Name: ouuid_lu
Value: 1636555001
.casalemedia.com/ Name: CMST
Value: YYvY8WGL2PkA
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: e12a077e5c23d7cf
pool.admedo.com/ Name: tuuid
Value: a649812c-11f7-48c3-97c7-4fd014997fc3
pool.admedo.com/ Name: c
Value: 1636555001
pool.admedo.com/ Name: tuuid_lu
Value: 1636555001
.w55c.net/ Name: matchcasale
Value: 5
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAPvFyGtoZmxmampqYGBoZmG0igXKN7G0tLQwMAAANdnRhiAAAAA
.casalemedia.com/ Name: CMRUM3
Value: 28618bd8f9276024292447-4ba9-4969-8309-a2ce7fd3bf2d&29618bd8f705a0&82618bd8f8a8c0&39618bd8f905a0&58618bd8f805a0&27618bd8f70b40&bc618bd8f805a00&04618bd8f827607430506455464492218&ce618bd8f805a0&e6618bd8f72760&41618bd8f805a0&da618bd8f92760&2f618bd8f92760QeUOEAnb1MKOIn5&69618bd8f805a00&5a618bd8f905a0&b0618bd8f805a00&2d618bd8f52760&05618bd8f805a0&33618bd8f905a0&9c618bd8f805a00&dd618bd8f82760&51618bd8f805a0&03618bd8f82760d89f618b-d8f3-4600-8acc-223fc44e81b7&0d618bd8f905a0&49618bd8f805a0&6f618bd8f905a0&2e618bd8f705a0&40618bd8f92760no-consent&f1618bd8f705a0
.aniview.com/ Name: 2_C_42
Value: YYvY8QGE8OpYyuYAqwdzdQAA&1160
sync.aniview.com/ Name: 2_C_42
Value: YYvY8QGE8OpYyuYAqwdzdQAA&1160
.openx.net/ Name: pd
Value: v2|1636554998.4|j8gmmWkijofcsHqGgqiysLiSmOgevNomgunsn0gi.fotumuvQsfw9
.mediarithmics.com/ Name: mics_vid
Value: 22385448002
.mediarithmics.com/ Name: mics_uaid
Value: web:1:b33c6c33-c4ff-440f-baa0-4d29e1c61ed2
.mediarithmics.com/ Name: mics_lts
Value: 1636555001671
.blismedia.com/ Name: b
Value: 618BD8FA3CEC5C9D45C49FB5BLIS
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 158901:3
.pubmatic.com/ Name: DPSync3
Value: 1637712000%3A221_226_227_235_219_201_197%7C1636588800%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1637712000%3A204_222_104_13_71_231_233_3_234_88_238_189_5_81_176_57_54_56_165_99_166_8_220_161_22_21_55_230_7%7C1637798400%3A35%7C1639094400%3A203%7C1637107200%3A2_15_223%7C1637366400%3A63%7C1641686400%3A69
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YYvY8wADhPvA_AAz&KRTB&22978-YYvY8wADhPvA_AAz&KRTB&23194-YYvY8wADhPvA_AAz&KRTB&23209-YYvY8wADhPvA_AAz
.pubmatic.com/ Name: PugT
Value: 1636555003
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-88XOl9wnxstqlRkUmmXAXy1M
.taboola.com/ Name: t_gid
Value: 148684ee-9d3b-4754-a0c0-c21df813735a-tuct8855e7b
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:QeUOEAnb1MKOIn5
ads.playground.xyz/ Name: connect.sid
Value: s%3A6naLrB5IjOl48nPDzQxKkEAnyfhGAgmq.0lI0xGvz4OErU9KfUS%2FXwDj0bcXykq4DwUxkkOf16uA
.fiftyt.com/ Name: fifid
Value: 08b2a0ff-7905-4854-7dba-be7dbd6d393b
.fiftyt.com/ Name: cs
Value: MTYzNjU1NTAwM3xEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fDT41jXlKcgPj0gytK_9Bc0ZQhIu0T3ssDACJnABJAEN
.iprom.net/ Name: UID
Value: 58964153146762
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-39d140a8-5cf1-4807-ae40-6ab0f2286b01-003%22%7D
.semasio.net/ Name: SEUNCY
Value: B604F0884B669610
.pubmatic.com/ Name: KRTBCOOKIE_1277
Value: 23327-58964153146762
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-39d140a8-5cf1-4807-ae40-6ab0f2286b01-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7430506455464492218
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17107-RX-39d140a8-5cf1-4807-ae40-6ab0f2286b01-003
.fiftyt.com/ Name: fppm
Value: 20211110143643
.scoota.co/ Name: tuuid
Value: 75a85a4f-a6c4-4457-8d12-499170e0153b
.scoota.co/ Name: c
Value: 1636555003
.scoota.co/ Name: tuuid_lu
Value: 1636555003
.bnmla.com/ Name: rx_sspurl_10738
Value: https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D3ffafffe-9d3f-47cc-bfbc-3aa052675337
.bnmla.com/ Name: rx_uuid
Value: 3ffafffe-9d3f-47cc-bfbc-3aa052675337
.bnmla.com/ Name: rx_maxage_10738
Value: 1637851003
.bnmla.com/ Name: rx_sspid_10738
Value: 6
.ipredictive.com/ Name: cu
Value: 9fd1452b-4233-11ec-94b9-77ba70aac1fb|1636555003370
.tribalfusion.com/ Name: ANON_ID
Value: apnr6iRkP6j6eCno77EkJZb9aneguqdikyZaAa4MSQf3enyxlhiXfoaaV2McMhihSpQdZdtpfiZa
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-301dded9-dbb7-4435-600c-fe702db74386.FqkkeFVQDTj%2FObB3V4qya7BmTFt0pXL8HzE8%2FtWnvGo
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-301dded9-dbb7-4435-600c-fe702db74386%24ip%24168.119.25.197.RAXUZ0YNjHLjYH%2BeOF2Lo8WthgWO%2BNcuxXv7omQjMPY
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-MB3e2du3RDVgDP5wLbdDhqh3GcU
.id5-sync.com/ Name: 3pi
Value: 160#1636555003557#-2026283705|146#1636555000895#-106841190|18#1636555002897#-539841852|19#1636555003098#-171866109#a064a09346fcf640decd2c1a8084a062|916#1636554999738#553723923|441#1636554999157#48|124#1636555000346#553723923
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-9fd1452b-4233-11ec-94b9-77ba70aac1fb&KRTB&23011-9fd1452b-4233-11ec-94b9-77ba70aac1fb
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-7e1f55f9-aa7c-42d9-8550-d757745cea49
.audrte.com/ Name: arcki2
Value: blaMQLwwmyCTkS4jzsIDw0dcw!20210804!1636555003711
.adsby.bidtheatre.com/ Name: __kuid
Value: 2a449ef7-a26e-442f-b5d0-38fe2ffca3be.405769004
.pubmatic.com/ Name: SPugT
Value: 1636555004
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwisr7apsZiSOhAFEhgKCWJpZHN3aXRjaBILCKa8kN2xmJI6EAUYASABKAIyCwimtJOKyJiSOhAFOAFaCWJpZHN3aXRjaGAC
.creative-serving.com/ Name: tuuid
Value: 9b7038f5-2a1d-4f3f-8654-a953b7338249
.creative-serving.com/ Name: c
Value: 1636555006
.creative-serving.com/ Name: tuuid_lu
Value: 1636555006

19 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.instagram.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=9858539845&adk=2589358256&adf=2987917308&pi=t.ma~as.9858539845&w=730&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992439&bpp=1&bdt=641&idt=413&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=405&ady=1394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JbakzaTjtN&p=https%3A//ans-wer.com&dtd=416
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/14120992840229899163/index.html".
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1882706524308406&output=html&h=280&slotname=9858539845&adk=2589358256&adf=2987917308&pi=t.ma~as.9858539845&w=730&fwrn=4&fwrnh=100&lmt=1636554992&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fans-wer.com%2Farazou-baker-cinderella-role-and-instagram&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636554992439&bpp=1&bdt=641&idt=413&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5656659755628&frm=20&pv=1&ga_vid=957726249.1636554993&ga_sid=1636554993&ga_hid=1840542720&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=405&ady=1394&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753658%2C44752093%2C31063682&oid=2&pvsid=2712710818169298&pem=802&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JbakzaTjtN&p=https%3A//ans-wer.com&dtd=416
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/14120992840229899163/index.html".
javascript error URL: https://ans-wer.com/arazou-baker-cinderella-role-and-instagram
Message:
Access to XMLHttpRequest at 'https://ib.adnxs.com/ut/v3/prebid' from origin 'https://ans-wer.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ib.adnxs.com/ut/v3/prebid
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
deprecation warning (Line 3)
Message:
Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1458
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.instagram.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://dpm.demdex.net/ibs:dpid=494279&dpuuid=ID5-ZHMOZvdHj4twhNFN5lnLzPosOk74mZYWYgsBbmP6qQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F340%2F2%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Message:
Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2285c500164891afa97d1c7a00bffe80.safeframe.googlesyndication.com
a.audrte.com
a.sportradarserving.com
a.tribalfusion.com
a.volvelle.tech
aa.agkn.com
aax-eu.amazon-adsystem.com
abs-0.twimg.com
ad.360yield.com
ad.turn.com
ad2.adfarm1.adition.com
ad4.adfarm1.adition.com
ad4m.at
ade.googlesyndication.com
ads.adaptv.advertising.com
ads.avct.cloud
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
ads.yahoo.com
ads.yieldmo.com
ads3.admatic.com.tr
ads4.admatic.com.tr
adscale-emea.adnxs.com
adservice.google.com
adservice.google.de
ans-wer.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
as-sec.casalemedia.com
atrack.avplayer.com
ats.rlcdn.com
aud.pubmatic.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
bh.contextweb.com
bloggernetwork-d.openx.net
btlr.sharethrough.com
bttrack.com
c.amazon-adsystem.com
c.mgid.com
c1.adform.net
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cdn.admatic.com.tr
cdn.ampproject.org
cdn.districtm.io
cdn.doubleverify.com
cdn.mgid.com
cdn.syndication.twimg.com
cdn3.doubleverify.com
cdnjs.cloudflare.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
confiant-integrations.global.ssl.fastly.net
connect-metrics-collector.s-onetag.com
contextual.media.net
core.iprom.net
creativecdn.com
csync.loopme.me
d.adroll.com
d.agkn.com
d5p.de17a.com
dis.criteo.com
display.bfmio.com
dmp.brand-display.com
dmx.districtm.io
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.dlx.addthis.com
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.privacymanager.io
get.s-onetag.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
green.erne.co
gu.dyntrk.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
id5-sync.com
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.dmca.com
imagesrv.adition.com
imasdk.googleapis.com
imps.monu.delivery
inv-nets.admixer.net
ipwatch.monu.delivery
j.mrpdata.net
js-sec.indexww.com
js.adscale.de
js.gumgum.com
jsc.mgid.com
live.primis.tech
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.justpremium.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
mcd.ex.co
monu.delivery
mwzeom.zeotap.com
odr.mookie1.com
onetag-geo.s-onetag.com
openx2-match.dotomi.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
platform.instagram.com
platform.twitter.com
playbuzzltd-d.openx.net
player.aniview.com
player.avplayer.com
player.ex.co
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prd-collector-anon.ex.co
prebid.a-mo.net
prebid.media.net
premiumsrv.aniview.com
prg.smartadserver.com
protected-by.clarium.io
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
r.scoota.co
rtb-csync.smartadserver.com
rtb-usw.mfadsrvr.com
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
rtb0.doubleverify.com
s-img.mgid.com
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.tribalfusion.com
s0.2mdn.net
s16.tiktokcdn.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.mgid.com
sf-hs-sg.ibytedtos.com
sf16-scmcdn-sg.ibytedtos.com
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.adtelligent.com
sync.aniview.com
sync.bfmio.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.e-volution.ai
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
syndication.twitter.com
tag.1rx.io
tag.targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
tps20511.doubleverify.com
tps20515.doubleverify.com
tps20517.doubleverify.com
tps20523.doubleverify.com
tps20524.doubleverify.com
tps20525.doubleverify.com
tr.blismedia.com
track.adform.net
track1.aniview.com
tracking.m6r.eu
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
video.primis.tech
visitor.fiftyt.com
ws.rqtrk.eu
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.instagram.com
www.tiktok.com
www.youtube.com
www9.smartadserver.com
x.bidswitch.net
yt3.ggpht.com
dpm.demdex.net
ib.adnxs.com
pagead2.googlesyndication.com
pixel.quantserve.com
protected-by.clarium.io
sync.adotmob.com
sync.adtelligent.com
sync.console.adtarget.com.tr
track1.aniview.com
104.111.215.191
104.111.242.245
104.16.199.73
104.16.68.69
104.19.132.78
104.19.135.78
104.19.217.61
104.244.42.200
104.244.43.131
108.128.92.179
109.206.161.21
13.224.186.36
13.224.198.4
13.225.78.105
13.225.78.128
13.225.78.19
13.225.78.23
13.225.78.93
142.250.185.130
142.250.185.66
142.250.186.66
146.0.227.109
147.75.38.124
15.197.193.217
151.101.129.194
151.101.129.44
151.101.194.132
151.101.2.49
151.139.242.29
162.55.6.212
169.50.137.182
178.162.133.150
178.250.0.163
178.62.202.251
18.184.122.71
18.193.42.157
18.193.90.196
18.194.17.206
18.196.169.148
185.184.8.65
185.220.204.204
185.237.97.240
185.29.134.244
185.33.221.50
185.33.221.53
185.64.189.112
185.64.189.229
185.64.190.80
185.64.190.81
185.86.137.113
185.86.138.122
185.86.139.94
185.94.180.126
188.132.147.235
188.165.137.78
192.132.33.46
193.0.160.128
195.5.165.20
198.148.27.139
198.47.127.19
198.47.127.20
199.187.193.193
2.16.186.146
2.16.186.170
2.16.186.19
2.18.233.180
2.18.234.21
2.18.235.93
2001:678:cb4:bbbb::11
209.54.178.82
213.155.156.183
213.19.147.43
213.19.147.45
213.254.244.21
216.52.2.30
216.58.212.130
217.79.188.10
217.79.188.21
217.79.188.46
23.34.186.99
23.34.190.24
23.79.143.124
2600:1901:0:333a::
2600:9000:223f:c600:f:4f64:8940:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:1957
2606:4700:20::681a:4c3
2606:4700:20::681a:ad1
2606:4700::6810:125e
2606:4700::6812:d05
2a00:1288:80:800::7001
2a00:1450:4001:801::2003
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2006
2a00:1450:4001:811::200e
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:827::2001
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::2016
2a00:1450:4001:830::2003
2a00:1450:4001:830::2006
2a01:7e01:1::ac69:92e7
2a02:26f0:6c00:2ab::2c79
2a02:26f0:6c00:2b2::4469
2a02:26f0:6c00::210:bb21
2a02:26f0:ef::5c7b:c29b
2a02:fa8:8806:20::2040
2a03:2880:f21c:81c4:face:b00c:0:43fe
2a03:2880:f21c:81e5:face:b00c:0:4420
2a04:4e42::300
2a05:d018:d29:3601:f879:a4cf:9cbb:9098
2a0c:5c81:5139::2
3.120.43.188
3.124.136.236
3.124.143.99
3.126.56.137
3.127.133.197
3.127.51.194
3.208.219.24
3.229.193.232
34.102.253.54
34.107.148.139
34.120.133.55
34.149.20.76
34.193.81.8
34.247.120.79
34.254.143.3
34.254.8.42
34.96.105.8
34.98.67.61
35.157.246.167
35.176.195.187
35.186.236.140
35.186.253.211
35.201.96.126
35.210.178.101
35.210.53.219
35.212.212.222
35.227.248.159
35.241.40.233
35.244.159.8
37.157.4.39
37.157.6.242
37.252.173.214
38.27.122.101
38.91.45.7
46.249.52.249
51.178.20.139
51.222.80.231
51.75.146.160
51.89.7.199
52.19.22.209
52.214.156.237
52.22.182.4
52.28.175.201
52.28.254.122
52.44.220.233
52.45.128.104
52.49.238.187
52.59.104.236
52.86.83.177
52.95.115.255
54.174.213.70
54.175.176.13
54.194.211.3
54.204.89.2
54.208.142.27
54.228.52.99
62.209.227.210
66.155.71.150
67.202.105.23
69.173.151.100
72.251.244.140
72.251.245.179
75.101.235.47
77.243.60.138
79.137.69.91
85.114.159.93
89.187.169.47
92.123.225.57
99.80.151.46
99.83.181.31
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
010f6876f39e5954a1c935ccc0abced6d66ecf541f4f57180310c39dd9aec297
0114c91c84e5095578374c18f2c0bb6f8be2e4fac90429f1cecd0cfcd7867817
013642abc6eb7dace2707aec3f8dae8d884cc284951ace55bb737bfde43f687a
0186abebc0f1ba6689a8f534f796843fb1f96c07402cebeb9f171a1eaba89994
01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d
01d7cce94e8ce1ab40dfa61db907972c06062636a673e301c977eb37b016d909
03ad7b8f87fc551d7a3d1c6f192faff01882a9a4ceeebf2f5d1707e6516238c5
046ad44961dd3c757f140b3b5b62d716e7f5b0c9c82c5cd638f4e9ba888f90d8
05597c2428373b6c3a7234a05541ddef10167d2642d58b544503c0a33e568f5a
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
05c626d78f697a300bdcddb5c5f8cb54f41b65abc201657418ed96f13c28c0a3
062d50b854c467496653e2a45b0dd9719c00a37adec34ff6bcd3a913d1ae7b7d
065b9ce71bf3d6a8704ef8ff60ad8d73428a6dc173ca96c5d6ee14ecf2ce8884
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
06d0155e67ef45cd233a4912d3ba15e4c61fa14405c388085f0cb9f392a68ebb
0758489e48f4b30ac0b5b74b10a1e1a36c46970ba5a7b31f0916dca915c78ae0
075d8a746e000aa5e5473f0f6603aa02f92da4f0fce02a821c12eec05f742a9c
08047be20a188410d267825802b2b12782350d8648fc11de6f917a49edf057f3
083e383463e978715150d2af013199b309c0d74500627586279ec4da6622605e
0882421edaa28956436cd5c13d6779becf72d3d87105f3848e54935fa6745b81
08e11ee118af5a4e52e6077f0b53e255695aada2007b23e975e69d08bb207538
095744fa45e2c246e5aed63e5c5d0d7c43025c2ea231e361f6600fa6a0318c31
09dd0a7de88fb8cf1c77631b1ad60324ff5f2da818771f4f2a3e7ea9b97ca557
09f5d1eb6cbc7bea13ac5c5df21cfbf37295c230c2c219aae3713b3faaf4d381
0a24237f3e590b51da40613b2d233fc7e54da673e23ccd2c556c2279fa538227
0a98c7644b664f4130ce6f250c192766b5710a2a6fbc94b16ea5c5281bddc2cb
0b6ec53515b953bbff9ea96a60b97745b030ac091126917f4cda407ab98ee2c9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c08815f5e74c5477b25c5303f3b512b5c04ccf403e41e319c29cb5243fce5f8
0c898649900411436af02a2a0a7ff8f6ecca71e990351ab5c5c1a996dadeb754
0cc705e366e9a7fc6cd71320ddec239f2aa94d268dbe49bef93383c7f9f49769
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
0cff68f1b6af93fbc90f21973308a4628a145a951eee941c3f525f30faad4009
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0d41151a237d0ad28ab7e787d54f2f4bfb4104f2e432a52a5bce6e52cfb82b9e
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76
0da48fb19c2d51ae4205e4b37f314c874cc635c714ca789603a9dfe3b17b2880
0df1fa3a8fe00457aae5ab8b71d9820d9884fece5ce191c3c013dda0c97b99e5
0e607de739f09cd3a7ca21bd04cb18255d725345106bf02282b909428fc3f44f
0e7b09c1f0d09db9568e26d519880c3c34f9a4a0932bc13a2471a05de53932e6
0e8670554443313b972c10ae1a34baeb408d060fc5e82c6a358f77d7e98dd15e
0fbdd22288a8f122f09042d64996114db7f3f8394e7cde0733211ce052633d6e
101dc7f34320cbce5950b82377f76ea6c59b54797aa19628de9b346497e7aaf5
1070b8a3f24bdc3dbc1eff126babebd9547782c47142f005f4844d68d00ecd97
10bd02a55cd75af38506c4609973ac7bb1a10c23e81cc2d15f22b96a9813463e
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
117ed29ebf4de8b2c70c75bb91655120aae4f3a2504caf0433e4506f7f7bb4f6
11c461cd2218a7b63c653199786d107a4cd79321933c8aa24656765b2f75487d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1323112ac126d2bc27da6f7e045a1f8d06a1dabaad2560ef8e8297cfc9379a2f
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0
149967ec5450cd9404726c64ed8f7ff32a707cdbbd4218e18385c8155f4c0786
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
154ec3400a84a69b0c634de70a63ef9574ba583f079429cae14f0397fe0b0e5d
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0
166546432362a275af899542d876583bb41224b2c13cdf399bb1871edff5c5ab
16a27428b6dfaf72e49948fa74b442718ffaed498b7c88f647c8d7a3034ed459
16ce0ee44c7f9f0d21707ceabbfce52f5918a1918b1355e90ba4710d4edc73d7
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
16f532a19ec04a8515a66b29e5067e0c6fd6e7a02ae4db66c1335a6978d18bbe
174153556bd0d5484b30d30e175b501400e7057fb60294486e4c1305a0804f85
175755704c657fb6886bf7cf9e86e31b827c2bc2e71a1730fbb492f1f4868cdc
17c869ed6e742ee9f38e61a9f8c9a538031fe08c49646bdace6445afe7ed328b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185bd5f746812c69f0e142170c407c75c676a11d972720770af0f5f27af57c97
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1967ff3f371600108f9a3d21f885ed1f617a7c07c2ff0fcaff4234228841a4b3
1a2bbd0171da5a6b17530d605e2512315ceb23a94100a8c086e800e565a2d181
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed
1b3d91c90f14fdb7cc9307b363a77a859bbe6c55edae87d6e5604d4bd5118c52
1c29691d042590baadc76a7601ea3fae4c30a83f626465ded7772c832a447dd7
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1cbf5ca6dde1f0a5e8fa9afbe430179eb4904c1f6c344222273d6c382fc50321
1d08ab7226167fe53e012690263a0d1d1c068c4e4c48680281b0614eac66676e
1d50d00c4738db2e3744ec44d948362eac945b8f958e0094ec71ab9ad6e9c448
1da9fb488d784e53d8f896c824abab3b1b1107f49d5372f90f5fcb5b1c9c260b
1e19cd0114d128362c000a6cc35cd95bc20b8bfd78a637f3cc90a66b86319eca
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1efe8bb95628018ec6f15e732646a00a9899c7ab8ebde4235a8951a153f0b90b
1f18dfd43166392d53482502d316b91e27215abe16343b0dbc17110becf467d1
204ee90690366972602a38053bdc02427f6153b11ff72ce04eb086e8e93d6166
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
22c1bc19a8d31d025d5e765449483e3c25c322c0400d91ba295d5f5c735c6e56
23029c72cc4e76844159e9f0981404a03e28772faab9786dfc2733e5b40e6682
233eaac1ee57c815db801c190b985f2e9f5bd747cf3e354ed70b9ce9751797c2
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
2715c70e3e6ab72ef6f8523f2140db3ccea58a1f886af71c324b9c8d0f2ff0f6
273a3ca8f48cad1e6de62434a1c4cd36d39bcec424f21105f23d42cab1a4850f
27f75f4660d485e093c310ca0be8026a3e529f80776f0cc1b833993736d38572
28e0748909a4ed9b5ce1ebfaa0d8ea75144418f2f30d9753bf18019e0a60ff4b
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adab10d0a6acb1f173e940ac8fd3fbde2c326030839075e916a91cfcb1720b5
2b0645e21732016e49ffa2d10fd021712ea72eb961ae73fbb81898ab6471e12a
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
32029896434c5ac1f0087d7830a71ff6f7b6454150a9a1a26f9d6054c8739449
32322986a3b686254b0bd0a35a1feff3886eee67ef8812baf9a7a0185df71a63
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329cffc67d8dbf749294b384386a369cd931ac4d975500f231aaed1533921474
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
32d6d14e11f7d7a313f65be68a03fd8f64082e0ac96664d762ec59763511d55c
33936b52ff6da88ad578b2be9773ae0ec1171b4517374aeb13432bae8c7227ad
339c96fe7ac3e338273877fc09aaa3c3da723247580191f202e6e1589acd82ae
3415c7fade1393a1990451fe39cfb19fed87791ede53183f9a4d390b15d36a5b
343abd611e26ca76b3fe4588af30ad5c03c9ea3fc08ef9032711b2c76742dafe
343b1bca7cb85fefd105a64ddd92915722e7d0b24237844815eb8559cd23a225
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
355f63735f316efb803ce8110b7321542f6533ebed34cbf4c0eaca19c74f72a1
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
3755ed82384ee666f8513b04e746cf1af60042f9cbc3cb4a074b4a85cbd0f5ac
380f87067578276440fc2a5b6f899eb27bf1e9a15ddc26423542fa1f95c55e0e
381c9d3b2da9fd972a861277258f01a01c451cd769f3d3e5b94d3f727a0f4463
3845d13d2d404e02c2ba3ab4e96db61e25b628998d2f72cd856d277def740518
3863ce7b63943da8e7ad386ca5bbd124bc88456871c6e941854c2cd63e40ebed
39027d4e1b8ef8fdcf8f914482e096299e1a06be67ff452e4087a9557489b5ba
3916390d4395ed16641c0e23d5e5a1bef9de6ce71b02c3941c0ee6f2d899c806
398e9cb5602e6f37d54bd7eb4c776aac1fb77d8c0c06252610fdbeed33958157
39be389adf8d58efa1896ebdb2c6e4a24ceb50c666fc73e2ab2f3b55433a9d0c
39e216818ab2b52d46f639d13ee412e1abafee9574df6760fea0fde6a0b4ea24
3a9546cfa625b0f24bcb03a0f9cd46bf7bff9299ad6e17518853ca5b15bcbf8a
3ac70f2d95d2eb26c10b2b1329f55c94cb6a75880da0357ec6308db1f3a7ed84
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3b5b65ff05003469140538ee4547bb8a0ddf1cebacf50c298c48832a4c70def7
3bdca6c8271b2b259bfe0f2361788499aefb3e8727e3daed77b3735268f39c5a
3ca7b0336ea42ce0da35d1c97b3b658b61c86806ab826de7dcf4f8351de4ef93
3cc394ccf8b6a8257c80ea8f3a68292718d2c45c327519acd474af2e3e5b4db8
3cfa0ad59a083ab68e6524a31a1e4ff178bd65fc389fe0c6383a734700de662f
3d6639e89f27899806b5bfd2eefb38a73194e8700251080c8577451788fba979
3ddace359b25abc19bbea2fe33998663f17b0ef3dc680f4ede85f3054f37759c
3df45dfb7aa30d869d2e33c594e4f5a5f85c6a1cb505743560202cf213d93a42
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eec90156131c1b4ef128d2a4648a072f97bc0d38833cf90447d1169657586c2
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
402671529f1fa44c901ee981f7f9318406d398fb67080080418b5dc9c80de39e
40a3112a7b9385055a9e4916d570fd0ae13f949d05a07d6717eed92f984c4203
40c03692521e713a479574cbbb0a40efe24e9ab0891e4c4541d90ada1f00241b
4191024c01e1af1a86d6e45e812ecca69466cda390e1a4e2395f9895812814af
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3
426112c0482818b20c059d33cc8761e39794c385238fc6f2fb2b9a71f9df7a93
4287e18a4d6b37bd78b8905c2e2203a17e95414bf17893cbc5ec91327ad00638
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181
43a3f85e2fe4c6e0fec4e6a32fbaf54610d8af0cea0141b7f76e2f57b34dd3e3
43b348d194f4e2c50da38d2a5e596635df86baee4de5839d73d19aa6285dbd4f
4440d24955806f03b5614ca7b53530dbb46b24a2efc627a16ba4fa2cb37586a3
449077e4442856fdd1416b3a3648d12c004ec9f607771e40f15cfa4975b10368
451c1f79e9a710c3b6c563db6465fdf2b0e4111bea3c1fc491922cbfb5056e83
4632f2a6b880931a9a2468fe53828f3a5a4b0934d9f4f6f37d6831214469a07e
466f35c3a977f0d305657ad7d25ca5aede468800ad39fcaf613aeb47a9d78bfb
472ef4cfe45e17e12eeb6a45c88127e28afa97162b86f78fc931165b9319fa43
485dd675dc980f01a4098246606a0cb2408c33437b73ed4236da6a3d248327e8
487ef1b1a657ab23c755ec06d8a38d0703dc9d03617b1dfbf017135211cc1fba
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a5fb300a4a4385c50626c1a5ab07ebfd74aa42d41fb13a4897c2618f220fe0d
4acba05a8c466651168c751bacc556a5243021edef99d7e0ed2f143df1d11bb0
4b4a354eefa3fe0319c9e8a63b89c105f260eaf4f2c8348fe9539d00ef077ce6
4b4b651a02d9141ab784355e7ff10a5e435909e3f87ad07a670d5346de9ca485
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b8f230af668f20a7b50021f1edb1fac1c96cab1aa576933a2064e5d7807179b
4c3895157263cf87ac3eb3c833cc92e184573ef6785aa29a73d7deccc43360c4
4c8061f081d2aac5102b9670bb273ea1146a974c6b704886389fbbf804e031e1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f5503e15ade8df86139613533da8973c2fa47b6e50f4ebb708cce89852711e3
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f198c4c8deabd496e3f6674504214a643b120144697fe02126143ed2031eb3
5173c915b9b6e2c3b24ed89502eed57341952fe69393fc2128895bcfedaae6de
51b33381eb17271ca2413508ceff647f68a8dca3d6ee71a4b6cf51f103e77748
51bab4844ef79cffeb8629faabecd5939ab16571f3997cdaec1f66d73394345f
522f2bf913da5c97e70255bb95ab518c2697869c8f357285f0b3805cb34dc63a
52b255c86ae6d99ee7e166fb426b5bd737bd64c166bd7655a6ca995311ebe6f3
535693cceafe51063b82e82fb90bac0276df1a09d9e2e19ec07083094f6188f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5492a7ebb76d686f63c47b41aeeb78518f6cd0b762c94371cb1636886b5f9993
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
57f2615e2f48bb1cb71b9a9a9c407e6d7d90e4f40944c274ebe74fffa3f11fb9
58065b3c12038b9bb9894ae2994a3adfedfc9a999ef7ea7135f89d5ac24be38a
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
589397ae8dc46235e290055971accaa652cd52081e70c07d7c4fc40ae9743573
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997
5a3e8f17ce916ea524240c35473c599c76ee3c75f988f0c3920fc0e3557cb70f
5a6dd347fc26084825577e6b414d376654e78bb59d412a9d5f7582b07b83d7af
5ad0769fdf3dfe9cb0d5a6be51c17a90be6de81a087f207711331ba4cdac0615
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5bb6ebb72e9d87614b831e6ddb36d9a41ebfee84d5f63ae3b0788856830ce525
5c75a683b9a8ef68eb677cd71490e5f5d803a1af9f7288c5c717e36555200bc0
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5da2be1a1b3874ae2cb01caec2d7853fb3f40fbf17ba2d7c0b47193111ea9ba8
5f9c986bc677282c44182cc3bfd5b2813607b6b1fd23d6f8d6a9dda208bc480e
5fc4508cc1fb755236895d6630bfe48c6016d2f1e9bc75010198ee5a41568871
6002fb426b4f1bd54ccdec7b5813ef776f4a7e7aaff4a8dd78ecaa1beae519be
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60ba6193515ac5bde06d315934b54163c00aaac71e9519e22a70ee49e4e1783b
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
62440b71a287ad58dc8a5d310c7f599cecf42ea4aab78038c7778fe050d70905
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
63039d98356e4de87ac565532d63f2dec4ca943d7a1460d0b93559b206e9615a
6331d98ef7a541d4866051a9cc9b97f4e324f5658d2658b99203f645340d8054
644ff5d08a1090e4f9bb773256daf3fbc999f601b3ea436e51eb9ed0a54cc827
64a59c02a82ca405f242ff05ff357b54565222a87af05d601011f2ad0d285b39
6548b823e164b41fdeb2484a368c78e513604e98b41b635bbdaea71bb0c64e24
65f598cd7e08f06ebc9c9d7f69d3e1e464d41d311a67a7d5626660cbc2cfdfec
662a293d25ed55f5cf0ecd4bd3cd46f1885692454fa9beba9575efe9f6890645
679c86f847189eabb50f1010443347129c1593d0f1a773e99469f8a7d4f51d0b
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
680bc163eaa619b106383a01ef4813a1cd43c1df2b980e487f307e74b25e720e
682ae8ef6ab138e29eb35b4bc4ba8e0e7c0f7c952e96f3d565f05bb19c114c03
68711f792152cd5b6574cea2b25c6bd99f7341b82bdb857b3b42b7f105cfd67c
68929e0ba2101f9393f1872c3f1d1a3ab324295a9fada469ccbd71ca1ba2821d
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
69da260c5c21cfb3aa86b1497bb3f203ad2e620763e8819d291cc9912ce72832
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c1b77bb8ac9d32094589ca4eccbdafd08dc849e02ad215e9191f4194604a42b
6f5db4c8baeb690e04f7abdc0ab5c6f024f7d889bb1ae3355f93f863696c82c8
7020648632b3c6ff939c9eefcdf667616f4ea4747caca2326f9269598a7c6dee
703fd6a2e5941d2cbea28cd7a0bc3ba21caf958465df2ffd2139bd2fcd652611
7041436e10abd57cb77c0aa944baf93412725267e32a5945a3073d1b6d7a3c94
7084bb014a4276dbed5ec18e0ad80dd16e7e52a1345e468111df7db6ef93eb48
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237
7107efb19bbe16cc35f7caa9e431090f291331128dd276ccf3ffbf10887cd03c
711c0a3216be2f00d5cafae9a43c00c7ab9cbf91dd853a29a213b234383b8083
7141f7f6ab593fe8394c165fc386f30c4f09c0115218c7b00ae4802b7069bea7
71c4afc7ab159a9b4362cfcd946e6fc3fea9abc13b68674fc9fdac5a6930bf2b
71c5fc9a061a07930f6d11f6bc5187b817a519274492bf0dd512c841e94a19b7
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
728fca0008d44666efbad1ac112959fea1b2998fd4c558ebeabfd2f73c0c2502
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
730faa3bb8655d6f579e36335f0527e63af40c2ccf69ba745fb5d6647039f500
73e38edc021038b0c941c08ba8ae43f767569df1a2794db028b7130309c366c7
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74d986f56c5ee88c038417c10d626e8e6ba182100c06a603c7c296cd69da328f
7551a858fe76234c54c69dbecee02fab2bd31ef2a3de1f9a7f1d15fa54ed0b66
759afbadab3b1a382fe3566cd52d4201d677fe56483e3b91a8bc869e63a5f715
760144b690ee7570b72cf862a52ecf8678571ac6aecd431716c53a5e3f16d6dc
76512bbaf0cc095f7c67adbf9a349a81c9b33141ed643950fcdc5fc2ebcfe7cd
76f57d70398daf7ed6113e205b70d6d9a6309c22246029273baee94766c7aa75
7769a4c663088f0ff4f116d82f6f47637826976bad4ca0f118bb6935fdb3a90f
7770246be8d72673d15009a885864e97711a6a0822ac5e8a6d6332c8848976b5
77a8224cb79798b9f7dc647e5489f5e5c135cf166767a2fe6b2d3528619b53a7
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
7838b7c81d71cdf46326ba9a1ad9ef32939487acfcbeace19cf4dfb7913cb1f0
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
792d1dcbaa1fe5a471d558ab1b5c35954584594d2c3c53a322800680407fa199
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79a42c051a7a1fb1bc1599624499bf49a723185448d0f79e36fc30f748a8f224
79a48ca4e0e9b49e2cdf02fb8e1af695c0bcf48508d96aac0a9c0be160f99749
79b628a883191c8130a3382f904e50f5d4210b2abaac6227162e6b1e07f6c593
7a563e6d2420cba9d24dba76ce3c0a6e32465c0773102ccd799b1ee656ee73d8
7abdd47254800f35ffef0fc434fa7fcf432e13651b27670b2e6f8e08143d4b00
7b05e1ea662a3ef3f538da71c8f3e7300e5413c28301f1b36444351420b8f07a
7b0a1683702d854c16cffb91d10f500cf10018eacf0c2b4c939293dea961e1f4
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7ca703a20171d4d4440daefb529292d7720e3bb2b0aa1aa6d797228bcd3b762c
7cc6c10e1cd170a872f2e80ebd9d872eb8dd25447069cecd51c64fd7e6ff5629
7d098ddd29acb42fcf58a1da8ecf72b8120316914246e17cc01e97384079532e
7e51da09cf8267847bd146f82f89ed9b4a9279bd1dfe4e988023677b2a2e8b48
7eba5f41d59aefb5990b99a781e0dbdfff7ae1d6987dcb5b18e12fde3629f262
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fc32ff80eb80e8a7c9e7ac867dc6b73b480dcf0aff252b001e91a3dd645d876
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
802521799afe125e241150350f91ae5f68127cf284d14f20295f8a78073611fd
802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2
807cf8a397da42bda3258ee4508558f1d69256aef43c25f02432b8b521302e45
8088f1d161a58af558862367e42cb9d6451ffb8bd973396ebed69da04d6188a7
809a87a223367b6c36eacfaaa0f37c9d0c642e666e12699aad9dd257cf7a6994
815745a62e63ee52d51d46ed087a4b8502f3ae8d014a1fb1b8ca380eddd665b2
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843ca27aa5a55f23f36493f7a6c93bd16bae165e07e4be441ea45723b586eae2
846041bbf79457aeeed62e5f32e3540a47a05aed800c7a8494b44908eecbb535
8557e464dcd7fa2116324e2f1711409c761a727a4b053f80abbc0e982395beca
85eee997eabc3e76a85151e4ab457c3e2e1e8969e292a5a0c9ca44b4df33d6ac
868295bb1ecfe7de3f367b2836344af8ca73478c6b5fa70591572fb29c50eda9
86998515ec3d0013a522eb5316875c2247a8cfba02bbf689f84d8bed7975c89c
869f77d11c14732734d72ee3b4f5d5259bc68a0edbf444d2f65871294c901503
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
86cd6f0299b02a120684398ac8cde42cbed673bcf64dfca2561575eccf96e72f
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
88ee1511b5fb8b3fe009655557b2591bc5c76f69eb5d0c32af95857aa3eeaee3
89207c9cb9b3e01b180ba19465edfb1f2dd8b49355b9714664bdefcd9bba027d
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89f1555e246c7679e3060e250a5b8f93c851f80c11ef5dd135032012a72824da
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
8c10fa406d38be97b45d3809ea6f5910c5f695caaefde4f8d63bd6c0c7b2a7cd
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d909426f85c1f06ec5eb4e115e1a012e7090f57b004109173d7bedeb0845728
8e60f604f0ca5f472149b3e3a02c184ae1082ad59b54ce7eb26c1b6ff51ccfc4
8ea6cd9c53fbf12ca23803fbc243e351166ca35f12d3d4a00dd978a6000bd673
8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec
8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693
8ed69fe012de9255a0662c46691693c154011e9042e1adf56759921a1f4a38e9
8fc2879c7fe4ececd774590427db68834aace545e957924f3f318a3430c695a7
9097ebbea4d30d3f30a6af47ad0630bab14c6c17b2763b7006cf4ae784ad7329
910a1ff6ff95d156812bddca083e34b9043c5d9965633904ff7b66900e881f77
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
9320acf45091cdb30afa1d56caf2563462ef58283c08776d50ef13f4c61d6674
9369c300a8445a083365f53aff5c1388cdc09ff4aeb900ea812ca607ea08949f
936cb6bb2308787ccbd2721c16d43f0ce06878ea12d693c9e54c0093f1a2b6ef
939770ea6517e7ba27e40e2c21dbeadd159778bfd4bb54d134c2eb288b7a8815
93c8a0be2359ecee88fcf23fe2e94be731316da8f49701544ed3f72b3daa1142
93e956ec1072bd2963c9bb773b431d0404e7bce62a33152570cc2a155cb83302
9429653b75ac83ee0ecb2c60c29f23cbd7852ca00feb79216ba6dbfa971b4066
955a480bdc454ca648b7aca15c39ead692ea86a33356fcb5314426ea67a36c83
957250897b79b9f1896ca312612b70d1856605e209710d5dece73001cfb3acc1
958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5
95c423bf8171e23d66d1b74a7f5bd90ad1806e8a3bea717280f9d71577389230
96461945199fa3f30ffde2007b889af6e0744665521a86b6b7230489277a3d92
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
970410d8ddba4d13d05a51c5a5cb1a2d3fa778cbc7e0f013d48ce6518f492f62
973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898
9833b7592acf3b5c35823734771c445a9bb7aaf8c019283d5544916adadbd5d0
9863c7532e26b3e9a2e1ac1d7ee7d96bc03db512a2af9174aa5c1d07046376cd
99042f1a63b0718bb42b937b1b65a3dcbb065200ec8ec352f80452727111d9b4
9944563f668ef2f5279a8c5e94bb9804ea8765962f22c7ab941999502741f974
9988dc6e65f149676126ee08899d1bb5d510262c0eddbd6a451112ac9e2b581b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a78e6a85bad2719e4994eeac1f90040b61a33364a52264cdfab6a05285db4f7
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b84d38d0eab1b3f6cf6491ab4bb7ec35341f6664c10465a617bcfa7f69b6a74
9b8eb5ac6c3afde3784a60f5a392b8bce60621ced0926655cc4b430f4f157ebd
9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2
9c837ae4c99fbb46f841edb062970e45c16e648f8c4ecbc0c973328f5e394489
9d0fffabcb84236c9b88c2c83fe5dab35eb1cdbfa8000aac2e26f7d0bf66f8a6
9d39fd0fdccc81c049611079899e92987f957f1e76325ce58056a0417c61633c
9d4126542d42beca45e02d3d00a024db3575288d6c11136418ab6073240240a3
9d4e288b8c9e5c95ebde2351ddfc6adb706b672a9a4ceaab9d33ad1814a75bfe
9d78229557f6e87fd7ef6ba4e3a73e5b6d8fecf030da9b77b484d3f97ae13e47
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06
9e79960557456ee91870e765c1808678d000fa8a45bb214fcc56caed5be53b51
9f4fed72aa8920af6d204b9b02270ff32b7f3a891f07b823bd9ed9930f621d0b
9f52bedb3e9cd413a96005f677068683e1767698fad1c2eeb0f6f5893738b21e
9fda3ad8ed30867ab38c20f15ec8432107a445a51d50915eeb13c9a4b6eb2262
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0631e7aa9f75e06d31f440846182256647e04bfb08bdd26271d57a21d0e604a
a16d2a461e2ad9664eac079012fcf19d254c7f7b9fcc720592fdd1fde8ad8a04
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1bbe7b17924cea5a310139b17b89f434a664e1921566dfc7cf2b3627e496568
a1f614aa2d2ffd8be4073a1e055bea7236cfc9f65c6d3730c3d588f1b6453eab
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a3346c2bab394fe734b1eb82f33418323140257a26d4a6f93141a891cbc3d94e
a3ab67ceb5db4ecd80fcc5dfb7458477c984e8c095aa697a8c4ac63d068173cd
a3f0f9972814e2ea2652022c94a24e3bce13708ce44650b338753a3ce5c5ccd6
a43d4ecd8a3004f8c6858398c6743b5cf8063bcb6264548fe42677a577683613
a479f83cca1846bad3c354e5e950e88aab8673168e4d3060a0aa4e5d8f9e0903
a48c17ad626639d0fb30aab8927d0f608a5c3697f3a6c81ea5ceae8bf9c8f67d
a49a5d0fb599ea908cfc636e3c8f46952623e42485bb033d53abdcbcc3fe4fe9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ad636890d0307ea5e66f8e1702e1daaf9c5ad4de89586c23c0cb07ecaaf129
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
a9d576d438939810fb8f8fd4382847a394ba105a257845a4c743a49caae67b75
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa499ff4ba1b9bad1be1a4a6fe3527d487897cfa4aba3db7d930272f17b7a26a
aaa23517893b2223f3548d7ab497f8adda822196b4d59b480bcbf44a255308ad
abc633bf1e7034d2bfabdd85067ae44c0d5864aed8fc5354997bdfeda9db54ff
abf1f0aaa3fa9a956e69ffff9f76757cdd2c848d19617e7a279b35b48438d5b0
ac15f08026cfb079ddb210efe365b77cf1b9cc2810c7a507aa12f079c4e6eda9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad08bd3100213ec0dee3b3dc030401d6d98c9e61f5719e6296ed7cbdc6ea3588
ad47f6ce66130cbec8c261f9aa05597388af825b08a996fa2cb66ba061bea51d
ae0d354d45b80213322b59985c9beff4f79692ee4d886ba33db26fa750b6bd20
ae2b3702e2a51d00d8b6d71b2457adbbc931df0098e567b4355c0f11c96837d2
ae461e56bcdee060c864265fc702e74511fb5fecd26b658dee9878f2d3a99cb0
ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b
ae77671c59ac28f7b1e4d10631c728f55e572b09374a29c5ecd73c388e0b94e7
af00fae559e1016599031f27dcb2adc79e0d654c3f8f64c28e51aac4fc1aab65
af1684fcf2b488bdbf24c364d9651a7f3912dcfa0a3477d7653d60eb032c06a6
b07671290d4a8c6d277510e9d92eb6f5ba871835b85ddaf2b4c82e9e15642236
b0f73d84e33a1642bb54962406f5e78e930e6b929df1802e5988781af492da5a
b11cc97f2c2325e9968277a26a0305000af15e9f3aa0f9f4cae3112688d06b98
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
b262359548e78975d5915d49e3f2a69683b7bdeeef956ded8cb68c0c50e81ba2
b297960f83adcc0a41c0062070e402daa9123a5f0ed1df4a8db4701b518d6fab
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b37fd7f8466ad5643e0dc5f371ce68c03c24d995bed156d7e3416c67be96fe56
b3bbac0c381b1a6f2b4989aa27d5b941cc6a2ec73b39125df46ac8899b2a2458
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b4d65c3acdd3935e5d2707843834698a6f24a08b07bd926347c0b166234eb3f2
b56761394c1c0f9476acffbf2614bdb2864d2ad5411abebd0d6ac67fc774613c
b5a4ee93e1379a85fe56c16769e11eb203372c1a230a5150c7ae4f4f542147f5
b5af9adb017cd8c388bd5cbd7b8c2f0c4d02dd8beea1dc8c4ae5145796493944
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b84677c9d507861ede2db86349957b3fff926d3857fb11595ab96d8866314798
b8e8c3b7d9ae201b53537380c6e404e46df443965abbc46528ccdfc20f834bea
b9139caf5a699497154d3a233d16b3ca047ff93ecb446d1267fe661527bcc082
b9769ab6ce940ef81f427314fb44ce5ae80ba1efe11d94c70722d2165b55cf50
baa52c80da6c89649ec842971cc1bee11c4b031db8eb704b80e6e910d18d876a
bab164d85e467a11e91cec9a64238e29bc0e5b0d6d8c107ebe2a4f19a7e99ac3
bcad1894d6fabb48473205ce8d27e7cf9a173165af7d8afed3ddd6f401d273b5
bdf64ee9f85268bf51e3cd70abd958229566fc0adca16e3ab516df299d8bac47
be1ee07dedacecdcf778edf01306c17ade2f264d793fd7ae4c0be096d3c8e39f
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
be35cc98fdb9c56dc6a0861f7b96e10e6cdd0260626f7dbc0405e87f46435c87
bf6a99b6d467cc7c212e3a51c31f0680b687cae2a4f779c445c6a4fa08415516
c04f02a36bc7313acf4564bb0e240b18e1897613332ff394fc9332c60232d61f
c13c15f9fdb58381ff749e2847d2b62336b791afabc67c79f801280362270f6a
c20e2f570977501935b28b410d0868d322c585141a1f0e81e052a62e1a258c78
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c357ae9f7968af67e3332efd5a08f9f4091563809fcb12c317682e959444e72e
c3befd811382250ac0b4c7d742f2fc6be5e9bb007faa8a163a5193587d498d07
c45bc8dfafa975678f500791344090e7ae7f0d684f9d89f602a54b83f9fa3488
c498ab3ea973d1d3226ef72100c99bcfd68a23622d78296d10b6813a021bc837
c49e22577223b5b2d10dc43c512e40be04b9051d4adbd285443cd05d2b9c0055
c4ccbb44af5e8b90b41cc8efe0dd7628e63802e52061e116f1c9af6157898d65
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c5611075800370c6ae27c201476ebde58c3944b1f5383f02d2c8bb2f3508d2f1
c63f8a136da56954c25e02512365312d470c4b15fcb5ba03a16d676da09c8412
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c8c1a17fd40c12eee1829052f6429a580ae5656539269097dc6528033a638368
c8f7e4616a0b99c41c747a3485a00acc5312919393b9d21ff6835ece6917a00b
c905a799c91593b68a840f7aae0bd411b7f0d2d475c8f5f5a780d54018fb61b8
c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe
c9f3f5a9f9af6eac95e29484050e568d516f50ba1999c49d06bbb3d753492f38
ca8745bd8c7d6b74c0ddf7acc7956b1555c7b3dfd4df5fd6fee280320496a0a3
cb189c7a712287e1bf77631c2d61571cf02c910b75aee18e41c298f4ea9dcb8e
cb27c2c2cd15259148fe65257a32200ef899315d3694a6e7a2f3e39c1b500983
cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb
cb8993c767e17e586b7172eb617663a7326c62c54900f1acfebfe8ba3f294802
cbb94504b764679d5ce207066f9bd9965901ddbcc349a087d5fc9cbc6e635f73
cc355d7d52b9b712f88e6e4142f729dd29f946b81a0054926ed97dfcdc1bf0c7
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cceefd476057bb3f36703d027ec405887d25d05311d491b9a203d4c60a2d75fb
cd69b3cbe6762c5d83237b71badcf58c38ed0d9438b4e5aa2ba2fe911b50f740
cd97cafede99507205c4f9909530341d7d59d349e9d206023409d5e78bb673e3
ce0c46c52d55e3439c00425a836a70dd7e8bbc6f31764d22fe5dd238d6ce770c
ceb8d0a656deb2043d475d58f5d37b9c5d9d8f819923e66951cb2ace64dc6e7c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9df46c4d630a6c608d212912145418ceb801d14e45c495ce0f68e1a522057c
cfbbd233e2ebf660228be63ff741b524450a9cf1baa5a4595ade239317298b7c
cfc9e9a9738578e3529bbbbfcfca3dfe065fe0e4fa8648d6615a6b9b21d4eccc
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d038999f97a226256d8bb50da8c08d5159930cf5a91c0a7a514e74fd3b1db217
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1179fef140062ff50395416a7dd740a5ba7e2abf053114eedb8d8c1eda96795
d20f1366838d429ef9cb00af5839152745e9f557a1e7ab215d68de92e49851ce
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af
d30863f4726da266c480bf677b1148bb73eaba8fd65cdce6b2c387086679b36f
d5fcd03495b8262736dab06a873fcd9009d869e6445f76d82952e4f861006edd
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
d8ab7ae9e9ccf94258b9243409edf9356ec6a80a3a44cf664a24e8517861af91
d8b2e897b008921901e7c30dd257e7b367b9114c12d48cf1521f6994e758f8c2
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dbffbe1b980722af33cb630f70cf0c484aa1ffc4be4b58559d7c9afa6adc96ac
dc1ca4850a9ee967d6ebcb561007bdea073f8380ae5a0a4f634945e3f9b59b87
dc3ab0e79ae79b338a3f93d1e333feb8c6a654e69d21d23d238ac4c35d2a1b3d
dcdba1c74a3e8755b5b3e8be27b309623d187355fe3f3ef73dbf69545f8b40a3
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
dde183cd4b72d8e2354167f3b4e3c0240d6597139599fe37b559849195ff3306
de0ca3b00acdb944ba568f12e1e0c78f1459e3742a4f74b9268a71537e95d33d
de62c6cc20fd2c3ef34756f01b1826290decacb72aeaa432ee5e10dd34bc849d
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
ded4b4eff4d14e4d8b1f810fe09ee83b18f6d20551abc3608a043ddd8f5abf7c
df0ca7fc3a27a1455577229c3d03a0cd6037954539ec403515f70c75f32efd54
dfe80a7f4cd42ac22b326fd6f2731c709c0be6aaf40ccbecd63857187f4b3777
e082294630f01fe8c1754f194c9ab266daf508bdd6353949cadf922f6396301e
e19058d1808e999e23b81bd027767152e89e7e7996b480c192e61bf6283abd48
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e330488371fa814fd6c4d2d98f6b185dc2f59b136c46a3cce6016fa8b5ca3ed6
e36258c9c56f973584d4646646d58779701e47dea96124ab3170ab2aa5ebd142
e3b01c18c44d1c0eafb9a5c4c5929f11c993036c5320ef78d3c237638a42d4c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3feb016374130f322d545f888f59bceb80667989dd11d9b5953f5cb1c04d1e0
e41196faf04e73d27c3850b4874a8176201f841349c4842d9c3744b9c7312cc6
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992
e49e1c38c91448b1c10a62b94f3a1a60a7fbf1d1ff9fba9ce12c47937694242a
e4c70aed8085d619d9af7f6db1fda606952c0d91f0ef8ef7b696d01046622088
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5c9b862df037796044de56c7c996a0af4ca4ffad00524ad3c02a2adfcfa0692
e6744a4dc36266a1f5c7ed9b3b9b3fb664a695b6ac7b8304785185e0826d66e6
e676f8c37bc899e7956e6d357db9a3a312d3822c5ff724666f8d378bd5705fee
e6843aac5cf75fcd2f2d14544da405342b601650a6e666708011ff4aa6029769
e6a0f995b557fd47381955b02f864af522057a49296da6d823a8278aa1b349b3
e6a6d1e00d7f56e6f2e210c99a837a40ae08901e974d66bec04302dea300e1e5
e7cf5a4bcf409175820c770705f3a5d40d0b1c617c7edf799b9633deb99e0229
e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44
e8c28a4cb9cba13c5b240a3eba5ed8b58254fc98ac1794048675109bcd403d3c
e95cd5f8eb0bb907be0fee498b74b2f2dae088f818398c4a693f147768ce48a2
e97d248e9126a7a1670aead197ddaf9333333d502a99c752be5482bc53b07c3e
e9e569723967da4463ede5ac2b1ae8390e0ece8fb058e39a793daade6eceb622
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eabfb52c636111a5206ab400ecfa268f6410c9144780a9555f172726ec949068
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
eba63da064bf7394cada80af6ebd94f0d9f2d1ebfca9289f1f5e7ef6db66b9cd
ec9954727be305155232fca67e6212fd682af776cd9f0e94db63861b1061f3ab
ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ed9cbeab7ca99e761b557446f9756337755bf0d682edc4fbc17b24df3f22d412
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee2337bf78803719a5716d5ae6841f3019bf88dd1102565f3d9a852a77163cb2
ee7bf86334c68af406d04e6ec562e082107be02f76aff19219c12ac38d3dbb29
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1f1c4067d5c153afb7db0d127cf867b7b4d54ddffc9bd3e003663207258fc3
efb6343cf6b0259bf7980f13c8d6b7aec22787e269f02e79f67ff9232d8d826a
f09593a5c4b13894ea7f0a65c055c35d2acd4a3168573d6566627cfc48bf1c0a
f0976fe3632f7340fe0befd428ff68f14458ebfc634eab8dc047ee275d0edda6
f12bbbe604741b1dbe2cb07cd20a0c7950d106315ba2c58accc92e95e6c4e4f3
f29d04ee0f5958ea024817ae15ffbd3e6f15dfd6c741c1927a6d8c7b3fbd3e38
f3e24ac0b49f099ddbb00e219447f8d4aa4cd7021f38bd4c94c77747dc58ed2b
f436d7ccb58e150e6cabdc18fed5a45fe1d7835adc4a9e15399f84cdb9e41430
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5b83720f79788f4c1e15d9e50bca0753892391412bbb50212d1ee314ef66380
f6431b400f412a751f16b20b585f678a9747f3c35688dbb935fb3bb37c02eb83
f7295b4a401c5f29a31b6b7647ac338184b4a70bf11e598e2eb22b2521d22644
f73bf59120a4b843d62ff608edd7fbb1158545682c46213ed4671030581dabd4
f7e02db8d62e3ff306d0607d2341d9b348583b24e4a65fa8c6b41c055816416f
f805966fbde21b024d9cb0b0efdf0a004ca103924554b856f79c09b00fc6eaf7
f84a3efdb0527c8fb26ca2112da7d88dfd6b921659093c6c8b693328c384b09d
f866bb07a0c94ff6de3dd930dd46051a4b78bd5c96c2d56d6ca47b37539d106a
f9fab46dac176d955438470fe4f06ca78a04a280c1588abfc721653004747e19
faa6304775108b2a5bd80188e6cdb1c160cb839aebcd2d17b5211414f179250e
fb603fb9eb626a56cef3f9d4f148dc6b6501d7408b5a35f475459e9099234be9
fb853fa9d5b000b500c0e2e7c6968d2cc6c80897f9d671a8abd3a1a00e13fb4e
fbbc45aee6c23f17d07220ede528f0216aaf05b2b6238d47038ab3f9f0a6b374
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fc3ba1dc470ed035d7e0acec2fd128e9252f8b68600770e80dc351d96aa8eb3b
fdea2f97a4aa72da4a16e52537fe3b64b98336122dda0ca20dcf1ea29b5c79cb
feb49fae7fd245f703b2fbeb29c41f136a34ee8bccfa2cc7c8a5a6fbfa4439ce
ff096a9c5b5b41989d40bf8e9c2eb1cbeb47ddb43a864bcb839de4649f57d412
ff82bb92f844829b285f937ba9b8cd3c168c702fe5190117593ed5cb05b78a24