urlscan.io logo urlscan.io
SecurityTrails logo

betweenusparents.com Open in urlscan Pro
149.47.142.178  Public Scan

Go To Rescan Add Verdict Report
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Submission: On December 24 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 104 IPs in 8 countries across 71 domains to perform 862 HTTP transactions. The main IP is 149.47.142.178, located in United States and belongs to ASMALLORANGE1, US. The main domain is betweenusparents.com.
This is the only time betweenusparents.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 149.47.142.178 62729 (ASMALLORA...)
8 151.139.128.11 20446 (HIGHWINDS3)
12 192.0.77.37 2635 (AUTOMATTIC)
6 2a00:1450:400... 15169 (GOOGLE)
3 2600:1901:0:3... 15169 (GOOGLE)
30 192.0.77.2 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2620:12a:8000::4 54113 (FASTLY)
2 52.216.205.245 16509 (AMAZON-02)
1 34.209.120.242 16509 (AMAZON-02)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 2a04:fa87:fff... 2635 (AUTOMATTIC)
2 192.0.76.3 2635 (AUTOMATTIC)
10 2a00:1450:400... 15169 (GOOGLE)
1 184.73.100.94 14618 (AMAZON-AES)
23 2a03:2880:f11... 32934 (FACEBOOK)
2 34.204.113.242 14618 (AMAZON-AES)
1 2 143.204.98.71 16509 (AMAZON-02)
2 151.101.1.194 54113 (FASTLY)
1 2 143.204.98.60 16509 (AMAZON-02)
1 2a01:7e01:1::... 63949 (LINODE-AP...)
1 107.20.147.136 14618 (AMAZON-AES)
1 2 143.204.98.39 16509 (AMAZON-02)
24 143.204.95.188 16509 (AMAZON-02)
2 14 2.18.234.21 16625 (AKAMAI-AS)
1 36 142.250.184.194 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.231.31.218 14618 (AMAZON-AES)
1 143.204.98.125 16509 (AMAZON-02)
1 143.204.98.101 16509 (AMAZON-02)
3 34.243.64.153 16509 (AMAZON-02)
1 143.204.98.116 16509 (AMAZON-02)
26 35.186.236.140 15169 (GOOGLE)
1 151.101.128.84 54113 (FASTLY)
1 37.252.161.190 29990 (ASN-APPNEX)
20 147.75.61.140 54825 (PACKET)
26 35.244.159.8 15169 (GOOGLE)
25 185.33.220.145 29990 (ASN-APPNEX)
1 34.236.58.25 14618 (AMAZON-AES)
25 104.16.190.66 13335 (CLOUDFLAR...)
19 34.107.148.139 15169 (GOOGLE)
19 178.162.133.150 60781 (LEASEWEB-...)
19 54.224.34.198 14618 (AMAZON-AES)
19 23.37.38.181 16625 (AKAMAI-AS)
20 185.64.189.112 62713 (AS-PUBMATIC)
19 54.77.120.81 16509 (AMAZON-02)
19 34.149.20.76 15169 (GOOGLE)
39 18.156.195.47 16509 (AMAZON-02)
24 72.251.249.13 29791 (VOXEL-DOT...)
18 52.29.20.215 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
45 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 7 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
12 18.159.117.129 16509 (AMAZON-02)
14 52.208.210.171 16509 (AMAZON-02)
19 185.220.204.135 41436 (CLOUDWEBM...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
8 2.18.233.180 16625 (AKAMAI-AS)
2 2 185.94.180.125 35220 (SPOTX-AMS)
1 2a0c:5c81:509... 55081 (24SHELLS)
10 63.250.60.65 204548 (CLOUDWEBM...)
2 3 18.157.95.55 16509 (AMAZON-02)
1 1 23.88.75.189 24940 (HETZNER-AS)
1 69.173.144.139 26667 (RUBICONPR...)
4 4 185.33.221.90 29990 (ASN-APPNEX)
10 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
8 104.111.244.187 16625 (AKAMAI-AS)
3 37.59.24.120 16276 (OVH)
3 6 54.217.255.32 16509 (AMAZON-02)
6 6 54.228.180.49 ()
3 151.101.193.108 54113 (FASTLY)
2 37.157.6.247 198622 (ADFORM)
1 52.57.255.59 16509 (AMAZON-02)
1 185.94.180.124 ()
1 18.157.100.237 ()
1 185.64.190.78 ()
1 3 104.18.29.199 ()
2 142.250.186.66 ()
3 2a00:1450:400... ()
2 2600:9000:215... ()
1 37.157.6.251 ()
2 89.187.169.47 ()
1 2 5.178.65.246 ()
5 213.254.244.17 ()
2 2a00:1450:400... ()
1 4 52.58.196.21 ()
2 67.202.105.33 ()
2 188.132.147.236 ()
1 204.154.110.87 ()
3 2.18.232.130 ()
2 104.18.15.222 ()
2 67.202.105.31 ()
2 2 72.251.244.142 ()
5 142.250.185.98 ()
2 2 37.157.6.242 ()
2 2 76.223.111.18 ()
1 185.86.138.119 ()
1 15.197.193.217 ()
1 34.120.133.55 ()
5 34.226.111.203 ()
5 2.18.235.93 ()
5 67.202.105.21 ()
1 54.36.109.47 ()
1 23.37.42.132 ()
1 2a02:2638:1::13 ()
862 104
15    149.47.142.178 (United States)

ASN62729 (ASMALLORANGE1, US)
PTR: tang.asoshared.com
betweenusparents.com
8    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
cdn.shareaholic.net
m9m6e2w5.stackpathcdn.com
12    192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
6    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2600:1901:0:333a:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
monu.delivery
30    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com
i0.wp.com
i2.wp.com
i1.wp.com
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2620:12a:8000::4 (United States)

ASN54113 (FASTLY, US)
www.nokidhungry.org
2    52.216.205.245 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    34.209.120.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-120-242.us-west-2.compute.amazonaws.com
badge.clevergirlscollective.com
2    2a02:26f0:6c00:28e::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.pinterest.com
3    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
10    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    184.73.100.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-100-94.compute-1.amazonaws.com
www.shareaholic.net
23    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    34.204.113.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-113-242.compute-1.amazonaws.com
analytics.shareaholic.com
go.shareaholic.com
2    143.204.98.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-71.fra50.r.cloudfront.net
ats.rlcdn.com
2    151.101.1.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
2    143.204.98.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-60.fra50.r.cloudfront.net
get.s-onetag.com
1    2a01:7e01:1::ac69:92e7 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)
ipwatch.monu.delivery
1    107.20.147.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-147-136.compute-1.amazonaws.com
partner.shareaholic.com
2    143.204.98.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-39.fra50.r.cloudfront.net
js.gumgum.com
24    143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net
c.amazon-adsystem.com
14    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
36    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2606:4700::6810:a00d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.viglink.com
2    34.231.31.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-31-218.compute-1.amazonaws.com
recs.shareaholic.com
1    143.204.98.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-125.fra50.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.98.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-101.fra50.r.cloudfront.net
signal-beacon.s-onetag.com
3    34.243.64.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-64-153.eu-west-1.compute.amazonaws.com
api.viglink.com
1    143.204.98.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-116.fra50.r.cloudfront.net
geo.privacymanager.io
26    35.186.236.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.236.186.35.bc.googleusercontent.com
imps.monu.delivery
1    151.101.128.84 (United States)

ASN54113 (FASTLY, US)
log.pinterest.com
1    37.252.161.190 (Southall, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net
prebid.adnxs.com
20    147.75.61.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
26    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
bloggernetwork-d.openx.net
u.openx.net
25    185.33.220.145 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
ams1-ib.adnxs.com
1    34.236.58.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-58-25.compute-1.amazonaws.com
reachms.bfmio.com
25    104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
19    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
19    178.162.133.150 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
19    54.224.34.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-34-198.compute-1.amazonaws.com
display.bfmio.com
19    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
20    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
19    54.77.120.81 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-120-81.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
19    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
39    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
24    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
18    52.29.20.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
8    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
10    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
45    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
tpc.googlesyndication.com
9    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
googleads.g.doubleclick.net
7    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
10    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
12    18.159.117.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-117-129.eu-central-1.compute.amazonaws.com
protected-by.clarium.io
14    52.208.210.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
g2.gumgum.com
19    185.220.204.135 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
live.primis.tech
4    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
7    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
8    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
10    63.250.60.65 (Frankfurt am Main, Germany)

ASN204548 (CLOUDWEBMANAGE-IL-FR, US)
video.primis.tech
3    18.157.95.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-95-55.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    23.88.75.189 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.189.75.88.23.clients.your-server.de
csync.loopme.me
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    185.33.221.90 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
10    2a02:26f0:6c00:2b2::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
rtbcdn.doubleverify.com
cdn.doubleverify.com
8    104.111.244.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-244-187.deploy.static.akamaitechnologies.com
c.evidon.com
3    37.59.24.120 (France)

ASN16276 (OVH, FR)
PTR: js02.adlooxtracking.com
j.adlooxtracking.com
6    54.217.255.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-255-32.eu-west-1.compute.amazonaws.com
go.affec.tv
6    54.228.180.49 (None, )

ASN- ()
map.go.affec.tv
3    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
2    37.157.6.247 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    52.57.255.59 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-255-59.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    185.94.180.124 (None, )

ASN- ()
search.spotxchange.com
1    18.157.100.237 (None, )

ASN- ()
ads.adaptv.advertising.com
1    185.64.190.78 (None, )

ASN- ()
image6.pubmatic.com
3    104.18.29.199 (None, )

ASN- ()
cdn.tynt.com
sc.tynt.com
2    142.250.186.66 (None, )

ASN- ()
googleads4.g.doubleclick.net
3    2a00:1450:4001:831::2006 (None, )

ASN- ()
s0.2mdn.net
2    2600:9000:2156:a000:f:4f64:8940:93a1 (None, )

ASN- ()
js.adscale.de
1    37.157.6.251 (None, )

ASN- ()
cm.adform.net
2    89.187.169.47 (None, )

ASN- ()
cdn.admatic.com.tr
2    5.178.65.246 (None, )

ASN- ()
ads.us.e-planning.net
5    213.254.244.17 (None, )

ASN- ()
rtb0.doubleverify.com
tps20519.doubleverify.com
tps20512.doubleverify.com
2    2a00:1450:4001:82b::200a (None, )

ASN- ()
imasdk.googleapis.com
4    52.58.196.21 (None, )

ASN- ()
ih.adscale.de
2    67.202.105.33 (None, )

ASN- ()
ic.tynt.com
2    188.132.147.236 (None, )

ASN- ()
ads3.admatic.com.tr
1    204.154.110.87 (None, )

ASN- ()
tps.doubleverify.com
3    2.18.232.130 (None, )

ASN- ()
acdn.adnxs.com
2    104.18.15.222 (None, )

ASN- ()
cdn-sic.33across.com
2    67.202.105.31 (None, )

ASN- ()
de.tynt.com
2    72.251.244.142 (None, )

ASN- ()
tracking.m6r.eu
5    142.250.185.98 (None, )

ASN- ()
cm.g.doubleclick.net
2    37.157.6.242 (None, )

ASN- ()
c1.adform.net
2    76.223.111.18 (None, )

ASN- ()
eb2.3lift.com
1    185.86.138.119 (None, )

ASN- ()
ssbsync.smartadserver.com
1    15.197.193.217 (None, )

ASN- ()
match.adsrvr.org
1    34.120.133.55 (None, )

ASN- ()
api.rlcdn.com
5    34.226.111.203 (None, )

ASN- ()
sync.bfmio.com
5    2.18.235.93 (None, )

ASN- ()
contextual.media.net
5    67.202.105.21 (None, )

ASN- ()
ssc-cms.33across.com
1    54.36.109.47 (None, )

ASN- ()
id5-sync.com
1    23.37.42.132 (None, )

ASN- ()
eus.rubiconproject.com
1    2a02:2638:1::13 (None, )

ASN- ()
gum.criteo.com
Apex Domain
Subdomains		 Transfer
55 googlesyndication.com
pagead2.googlesyndication.com
822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
tpc.googlesyndication.com
494 KB
46 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
cm.g.doubleclick.net
319 KB
44 wp.com
c0.wp.com
i0.wp.com
i2.wp.com
i1.wp.com
stats.wp.com
pixel.wp.com
1 MB
39 yahoo.com
c2shb.ssp.yahoo.com
ups.analytics.yahoo.com Failed
4 KB
36 adnxs.com
prebid.adnxs.com
ib.adnxs.com
secure.adnxs.com
cdn.adnxs.com
ams1-ib.adnxs.com
acdn.adnxs.com
208 KB
30 monu.delivery
monu.delivery
ipwatch.monu.delivery
imps.monu.delivery
180 KB
29 primis.tech
live.primis.tech
video.primis.tech
1005 KB
29 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
39 KB
27 casalemedia.com
as-sec.casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
21 KB
26 33across.com
ssc.33across.com
cdn-sic.33across.com
ssc-cms.33across.com
sic.33across.com Failed
117 KB
26 openx.net
bloggernetwork-d.openx.net
u.openx.net
3 KB
25 districtm.io
dmx.districtm.io
cdn.districtm.io
992 B
25 bfmio.com
reachms.bfmio.com
display.bfmio.com
sync.bfmio.com
11 KB
24 lijit.com
ap.lijit.com
14 KB
24 media.net
prebid.media.net
contextual.media.net
53 KB
24 amazon-adsystem.com
c.amazon-adsystem.com
88 KB
23 facebook.com
www.facebook.com
14 KB
20 a-mo.net
prebid.a-mo.net
566 B
19 yieldmo.com
ads.yieldmo.com
4 KB
19 sonobi.com
apex.go.sonobi.com
12 KB
18 sharethrough.com
btlr.sharethrough.com
2 KB
16 doubleverify.com
rtbcdn.doubleverify.com
cdn.doubleverify.com
rtb0.doubleverify.com
tps20519.doubleverify.com
tps.doubleverify.com
tps20512.doubleverify.com
tps20522.doubleverify.com Failed
235 KB
16 gumgum.com
js.gumgum.com
g2.gumgum.com
49 KB
15 google.com
adservice.google.com
www.google.com
3 KB
15 betweenusparents.com
betweenusparents.com
253 KB
12 affec.tv
go.affec.tv
map.go.affec.tv
7 KB
12 clarium.io
protected-by.clarium.io
4 KB
10 ampproject.org
cdn.ampproject.org
204 KB
10 gstatic.com
fonts.gstatic.com
200 KB
8 evidon.com
c.evidon.com
31 KB
8 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
128 KB
7 tynt.com
cdn.tynt.com
sc.tynt.com
ic.tynt.com
de.tynt.com
8 KB
7 googletagservices.com
www.googletagservices.com
256 KB
7 google.co.uk
adservice.google.co.uk
1 KB
7 stackpathcdn.com
m9m6e2w5.stackpathcdn.com
116 KB
6 adscale.de
js.adscale.de
ih.adscale.de
7 KB
6 indexww.com
js-sec.indexww.com
20 KB
5 adform.net
adx.adform.net
cm.adform.net
c1.adform.net
2 KB
5 shareaholic.com
analytics.shareaholic.com
partner.shareaholic.com
recs.shareaholic.com
go.shareaholic.com
3 KB
4 admatic.com.tr
cdn.admatic.com.tr
ads3.admatic.com.tr
22 KB
4 jsdelivr.net
cdn.jsdelivr.net
37 KB
4 viglink.com
cdn.viglink.com
api.viglink.com
30 KB
4 s-onetag.com
get.s-onetag.com
onetag-geo.s-onetag.com
signal-beacon.s-onetag.com
17 KB
3 2mdn.net
s0.2mdn.net
413 KB
3 adlooxtracking.com
j.adlooxtracking.com
data00.adlooxtracking.com Failed
193 KB
3 rubiconproject.com
pixel.rubiconproject.com
prebid-server.rubiconproject.com
eus.rubiconproject.com
645 B
3 bidswitch.net
x.bidswitch.net
2 KB
3 spotxchange.com
sync.search.spotxchange.com
search.spotxchange.com
2 KB
3 rlcdn.com
ats.rlcdn.com
api.rlcdn.com Failed
38 KB
3 gravatar.com
secure.gravatar.com
10 KB
3 pinterest.com
assets.pinterest.com
log.pinterest.com
19 KB
2 3lift.com
eb2.3lift.com
947 B
2 m6r.eu
tracking.m6r.eu
1 KB
2 e-planning.net
ads.us.e-planning.net
404 B
2 fastly.net
confiant-integrations.global.ssl.fastly.net
146 KB
2 amazonaws.com
s3.amazonaws.com
720 B
2 nokidhungry.org
www.nokidhungry.org
587 B
2 google-analytics.com
www.google-analytics.com
20 KB
2 shareaholic.net
cdn.shareaholic.net
www.shareaholic.net
7 KB
1 criteo.com
gum.criteo.com Failed
1 id5-sync.com
id5-sync.com
1009 B
1 smartadserver.com
ssbsync.smartadserver.com
75 B
1 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com Failed
220 B
1 loopme.me
csync.loopme.me
242 B
1 adtarget.com.tr
s.console.adtarget.com.tr
sync.console.adtarget.com.tr Failed
1 KB
1 privacymanager.io
geo.privacymanager.io
592 B
1 adsrvr.org
match.adsrvr.org Failed
545 B
1 clevergirlscollective.com
badge.clevergirlscollective.com
271 B
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 crwdcntrl.net Failed
id.crwdcntrl.net Failed
0 atdmt.com Failed
ad.atdmt.com Failed
862 71
Domain Requested by
39 c2shb.ssp.yahoo.com monu.delivery
36 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
betweenusparents.com
cdn.ampproject.org
822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
confiant-integrations.global.ssl.fastly.net
36 securepubads.g.doubleclick.net 1 redirects betweenusparents.com
securepubads.g.doubleclick.net
822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
www.googletagservices.com
26 imps.monu.delivery betweenusparents.com
monu.delivery
24 ap.lijit.com monu.delivery
24 c.amazon-adsystem.com monu.delivery
c.amazon-adsystem.com
live.primis.tech
cdn-sic.33across.com
23 www.facebook.com betweenusparents.com
www.facebook.com
20 hbopenbid.pubmatic.com monu.delivery
live.primis.tech
20 dmx.districtm.io monu.delivery
20 ib.adnxs.com monu.delivery
20 bloggernetwork-d.openx.net monu.delivery
20 prebid.a-mo.net monu.delivery
19 live.primis.tech monu.delivery
live.primis.tech
19 ssc.33across.com monu.delivery
19 ads.yieldmo.com monu.delivery
19 htlb.casalemedia.com monu.delivery
19 display.bfmio.com monu.delivery
19 apex.go.sonobi.com monu.delivery
19 prebid.media.net monu.delivery
18 btlr.sharethrough.com monu.delivery
15 betweenusparents.com 1 redirects betweenusparents.com
m9m6e2w5.stackpathcdn.com
14 g2.gumgum.com monu.delivery
js.gumgum.com
12 protected-by.clarium.io 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
betweenusparents.com
12 c0.wp.com betweenusparents.com
11 i2.wp.com betweenusparents.com
10 video.primis.tech live.primis.tech
10 cdn.ampproject.org confiant-integrations.global.ssl.fastly.net
10 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
www.googletagservices.com
srcdoc
10 fonts.gstatic.com fonts.googleapis.com
10 i0.wp.com betweenusparents.com
9 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com securepubads.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
9 i1.wp.com betweenusparents.com
8 c.evidon.com betweenusparents.com
822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
c.evidon.com
8 ads.pubmatic.com live.primis.tech
s.console.adtarget.com.tr
monu.delivery
8 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
7 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
7 www.googletagservices.com 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
betweenusparents.com
7 www.google.com 2 redirects tpc.googlesyndication.com
betweenusparents.com
822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
7 adservice.google.co.uk securepubads.g.doubleclick.net
7 m9m6e2w5.stackpathcdn.com cdn.shareaholic.net
m9m6e2w5.stackpathcdn.com
betweenusparents.com
6 map.go.affec.tv 6 redirects
6 go.affec.tv 3 redirects 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
6 rtbcdn.doubleverify.com betweenusparents.com
6 u.openx.net live.primis.tech
monu.delivery
6 js-sec.indexww.com monu.delivery
6 fonts.googleapis.com betweenusparents.com
m9m6e2w5.stackpathcdn.com
live.primis.tech
confiant-integrations.global.ssl.fastly.net
5 ssc-cms.33across.com monu.delivery
5 contextual.media.net monu.delivery
5 cdn.districtm.io monu.delivery
5 sync.bfmio.com monu.delivery
5 cm.g.doubleclick.net 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
5 ams1-ib.adnxs.com betweenusparents.com
cdn.adnxs.com
4 ih.adscale.de 1 redirects js.adscale.de
4 cdn.doubleverify.com betweenusparents.com
4 secure.adnxs.com 4 redirects
4 cdn.jsdelivr.net 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
betweenusparents.com
3 acdn.adnxs.com 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
cdn-sic.33across.com
3 rtb0.doubleverify.com betweenusparents.com
3 s0.2mdn.net 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
imasdk.googleapis.com
3 cdn.adnxs.com betweenusparents.com
3 j.adlooxtracking.com betweenusparents.com
3 x.bidswitch.net 2 redirects
3 googleads.g.doubleclick.net 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
3 api.viglink.com cdn.viglink.com
3 secure.gravatar.com betweenusparents.com
secure.gravatar.com
3 monu.delivery betweenusparents.com
monu.delivery
2 eb2.3lift.com 2 redirects
2 c1.adform.net 2 redirects
2 tracking.m6r.eu 2 redirects
2 de.tynt.com cdn.tynt.com
2 cdn-sic.33across.com betweenusparents.com
cdn-sic.33across.com
2 ads3.admatic.com.tr cdn.admatic.com.tr
2 ic.tynt.com
2 imasdk.googleapis.com live.primis.tech
imasdk.googleapis.com
2 ads.us.e-planning.net 1 redirects s.console.adtarget.com.tr
2 cdn.admatic.com.tr s.console.adtarget.com.tr
cdn.admatic.com.tr
2 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
2 googleads4.g.doubleclick.net betweenusparents.com
2 cdn.tynt.com 1 redirects betweenusparents.com
2 adx.adform.net live.primis.tech
2 sync.search.spotxchange.com 2 redirects
2 recs.shareaholic.com m9m6e2w5.stackpathcdn.com
2 js.gumgum.com 1 redirects betweenusparents.com
2 get.s-onetag.com 1 redirects betweenusparents.com
2 confiant-integrations.global.ssl.fastly.net monu.delivery
confiant-integrations.global.ssl.fastly.net
2 ats.rlcdn.com 1 redirects betweenusparents.com
2 assets.pinterest.com betweenusparents.com
assets.pinterest.com
2 s3.amazonaws.com betweenusparents.com
2 www.nokidhungry.org 1 redirects betweenusparents.com
2 www.google-analytics.com betweenusparents.com
www.google-analytics.com
1 eus.rubiconproject.com live.primis.tech
1 gum.criteo.com live.primis.tech
1 id5-sync.com live.primis.tech
1 ssbsync.smartadserver.com 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
1 tps20512.doubleverify.com rtbcdn.doubleverify.com
1 tps.doubleverify.com betweenusparents.com
1 tps20519.doubleverify.com rtbcdn.doubleverify.com
1 sc.tynt.com betweenusparents.com
1 cm.adform.net s.console.adtarget.com.tr
1 image6.pubmatic.com ads.pubmatic.com
1 ads.adaptv.advertising.com live.primis.tech
1 search.spotxchange.com live.primis.tech
1 prebid-server.rubiconproject.com live.primis.tech
1 pixel.rubiconproject.com
1 csync.loopme.me 1 redirects
1 s.console.adtarget.com.tr live.primis.tech
1 reachms.bfmio.com monu.delivery
1 prebid.adnxs.com monu.delivery
1 log.pinterest.com betweenusparents.com
1 geo.privacymanager.io ats.rlcdn.com
1 go.shareaholic.com m9m6e2w5.stackpathcdn.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 match.adsrvr.org js-sec.indexww.com
monu.delivery
live.primis.tech
1 api.rlcdn.com js-sec.indexww.com
monu.delivery
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 cdn.viglink.com m9m6e2w5.stackpathcdn.com
1 partner.shareaholic.com m9m6e2w5.stackpathcdn.com
1 pixel.wp.com betweenusparents.com
1 ipwatch.monu.delivery monu.delivery
1 analytics.shareaholic.com m9m6e2w5.stackpathcdn.com
1 www.shareaholic.net cdn.shareaholic.net
1 stats.wp.com betweenusparents.com
1 badge.clevergirlscollective.com betweenusparents.com
1 cdn.shareaholic.net betweenusparents.com
0 tps20522.doubleverify.com Failed rtbcdn.doubleverify.com
0 pixel.advertising.com Failed
0 ups.analytics.yahoo.com Failed
0 sync-tm.everesttech.net Failed
0 id.crwdcntrl.net Failed live.primis.tech
0 sic.33across.com Failed cdn-sic.33across.com
0 data00.adlooxtracking.com Failed j.adlooxtracking.com
0 sync.console.adtarget.com.tr Failed s.console.adtarget.com.tr
js.adscale.de
0 ad.atdmt.com Failed 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
862 134
Subject Issuer Validity Valid
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.stackpathcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-31 -
2022-05-31		 a year crt.sh
*.shareaholic.net
R3		 2021-12-03 -
2022-03-03		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-03 -
2022-01-01		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
shareaholic.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-26 -
2022-08-05		 a year crt.sh
*.shareaholic.com
R3		 2021-11-29 -
2022-02-27		 3 months crt.sh
ssl1029306.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-07-12 -
2022-06-30		 a year crt.sh
*.s-onetag.com
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
viglink.com
Amazon		 2021-11-13 -
2022-12-11		 a year crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
*.a-mo.net
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.bfmio.com
Amazon		 2021-05-16 -
2022-06-14		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2021-11-26 -
2022-02-24		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.google.co.uk
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2020-04-03 -
2022-04-26		 2 years crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
primis.tech
Go Daddy Secure Certificate Authority - G2		 2021-10-29 -
2022-06-18		 8 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2021-11-29 -
2022-02-27		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-01-10 -
2022-01-17		 a year crt.sh
*.evidon.com
DigiCert SHA2 Secure Server CA		 2021-05-30 -
2022-06-08		 a year crt.sh
*.adlooxtracking.com
R3		 2021-11-22 -
2022-02-20		 3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
cdn.admatic.com.tr
R3		 2021-12-10 -
2022-03-10		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-12-17 -
2022-03-17		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
ads4.admatic.com.tr
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh

This page contains 96 frames:

Primary Page: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Frame ID: 8E8B15C4D95BD8DE6F2E63E239CC1C15
Requests: 541 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Frame ID: 573C85E638C8D1F1DC680361D5F974EC
Requests: 23 HTTP requests in this frame

Frame: http://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: CB6035910458191AD91DE0F72AECB332
Requests: 1 HTTP requests in this frame

Frame: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D96AFCC3A61618B3A970C82C2FB1E929
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 21BC3EC7E4F9AB2C8DBB59808A02707F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 814F524781F0E709752CAE6579076885
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: BD43CEC8F4A3315D0A26B06F5F18A783
Requests: 15 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=105365&schain=1.0,1!monumetric.com,ace2d8fa-93df-4fb2-9393-0dd03589a1f7,1&cbuster=1640364363&pubUrlAuto=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 4E37E31A5EE3B4D9BFA83810A5F82444
Requests: 33 HTTP requests in this frame

Frame: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F74F21E9CE0FA20C259725415339E7A6
Requests: 11 HTTP requests in this frame

Frame: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1656C8CDBD5ADB676081A4B37332EB9C
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2613259223491829695/index.html
Frame ID: F93D2745DB2F59D8E4ED6A609BA2212A
Requests: 7 HTTP requests in this frame

Frame: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 07FA5E32A1F8878E8B29FBB885CE52FC
Requests: 11 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: 37C5E984F6B3BBF08568AE8B048FAFDF
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61c5f94c02e18%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: 0253C3BB5BF934902539D602F65B578A
Requests: 2 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=61c5f94c02e18&pixel=&advId=94&advUuid=fc168277-64d8-11ec-8c61-1a404fd50206
Frame ID: 7C01C78239935A46DFE8CEDC38A4D01F
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61c5f94c02e18%26pixel%3D%26advId%3D98%26advUuid%3D
Frame ID: 5F2B7D93D8A94D3E7C661BE03B8FA75D
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: 27ED4075EC7EEC1DE345E94723F4A1AC
Requests: 2 HTTP requests in this frame

Frame: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4A4ED22863CABB0DFF94F090D7115F29
Requests: 10 HTTP requests in this frame

Frame: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0193E6BA5DC87633DDFB5402478CD736
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 426AE7A653CE752458DD9FD84A319058
Requests: 2 HTTP requests in this frame

Frame: https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_934144046439
Frame ID: 08292BA66842EC1C6E21E0AF0EA355AF
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 835C40D86612465AE561725B04ECDBDC
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWn7Bhlp983TOLwPLizH6r4ZLMpxFTznShVitvW4sPVhbaew1917H9ar-OWAyk6ZzMXpkv5b4Lf3yFf9OBYX2FqL1Gv4MN_3OBwdFmgkZUIx6Zqc-xAhRMZ_CgOmBgJ1FNKDlJQBxHlKP3YL_fi2ifU-prB_FbgOzRuQ2vUj8_2km3UP6uxFcMYLvWdvcSCQoXZLcy4SjS2Jv2i2gnUx8NSQUzHSDPfDfSeV4HS-w2vMTMjC9mkwmw8tS5bueq0LRAzplQU8fPC8jubb-hIyFM_XVma4Zb5zEIu6UCitSvb78dVdmKX4gsdbyGgQeGPXQO65nqYQxi&sig=Cg0ArKJSzASgS72CIjfgEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B9C60159ACE4F21330B5EA803F160D95
Requests: 9 HTTP requests in this frame

Frame: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CA9B925ACE840C6AAF7883D2E3753865
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: DAAE1CCB54F637EBA6DA595993FCE586
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: FA60978719140F63EBCABDC358C3B358
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 2456ACA9DD95124E74390B93E627C0B0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: 6CFAB476DBE23A3209739503CC876DBD
Requests: 5 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: EA1C963755A417FE67AF44BC313B067C
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=yHjFDAosvdfRCyijbIn9&pi=admatic&tc=1
Frame ID: 76A392F0911FC8CD8CD6D7CB080066C6
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: E7AC8578FEF5E404C09D41873DFCC53E
Requests: 1 HTTP requests in this frame

Frame: https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_300686362533
Frame ID: 374C609341D73EA60F3999480FD10094
Requests: 17 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1950.js
Frame ID: 21F7199C5E12DD689C75A679933BB2D9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 84ED4AEB4E50AEF9B3F7B74C5C063CA7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 61A0AE78FDD9B47D8068B510D3E7AFF2
Requests: 9 HTTP requests in this frame

Frame: https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_944600469983
Frame ID: AB2A6EC374E9A0FF067601D058FDE4C9
Requests: 12 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1950.js
Frame ID: 61C1D93BD3643BE76FAFF5C0E96C76BA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 92783DCD74EC33948C3AC37BF7D98DEF
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2854&pub_id=1190210
Frame ID: 3A4DF9BC2F045D1C918CD195BAB959E3
Requests: 1 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Frame ID: 604C889EF6A3E3B39E82E1CBDE03DC39
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 90ADE39C395A6E74B3776BB5AC555F22
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2854&pub_id=1190210
Frame ID: 48802AEDC313AA1EA87D7D1350E00C32
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1640364363529
Frame ID: 5697685722DB8BFDC8DC3D1514CF8DB9
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 179B685F807C99837563071DE3267FEB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: F780F8F519EF8D18CAADDFD92A0B52B9
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13208641
Frame ID: 280A6C9F0982570EE06B7BA3A085CE98
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8AE73788ED5AA6BEFF2D3512213DBC4F
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: B570316567E14BFBCD02A873112CD9A3
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifg=1&id=923b830f-b48b-4ec2-8586-f190599c29d0&gdpr=0&gc=&gce=1&us_privacy=
Frame ID: BBD4B0392AF1D139E9AE4483B211677B
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: EE53881DC969219CCCA54690398A0671
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 3D82E44448155E9B75B473675AF939A6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: B2D36E1FC31D4E248F510F04A60C6A1F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: 7A78B17A4578643A4EFBBA7FAA10DDB4
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 85396C3BA778E5911114A271D753C4A7
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13208641
Frame ID: F566DC88CD1FD3343BB47A6E8C9F84AA
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 41C0920DB5D90E0CF934B47C421DE635
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aLqHwesbSr6PvgaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: DEB8C2203DF5B2C2D27B4C6FB72643A3
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13208641
Frame ID: 4C016815593325215CC1E82DBA0D860E
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8BCCF08F64B599052C7D2B7F66C9881A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: B4111220DF842DFBEA4C7DEFDB332C1F
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1640364363416
Frame ID: 2733BA883BD3EEE51AF4408255F9EB35
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 63E51BA93B8CF6B2E7AE0C6C9CD15353
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aLqHwesbSr6PvgaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 03A6E3488093E984C10A1CF02564FA9F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1943E4997307F04A57251030AADAC6A6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 593A0060E340664F56F16294DB7369D6
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 4D7FAD2F1A30DF01C4832ADC4F96B8D1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: 059639B88D8547782048409D0056A5E1
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aLqHwesbSr6PvgaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 4ADD5F8BC40AD28342C85EC356331ABD
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1640364363420
Frame ID: 6A6385FBD10669811E9CA71798213BB7
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aLqHwesbSr6PvgaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 0DC24937ABB719C609F31E76C062FCC8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 4878741AB75EB25E08815A688FCD5852
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: B52B3EE124EC072BE3229C706BD79928
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13208641
Frame ID: 7E989184E1EDB6181F4AA6C7ADCBC1FA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: 2F98752B665BE9E0570955CCA24918E8
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 673CCA841C9BB46A7ECCF22D818483A1
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aLqHwesbSr6PvgaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 6308C07BB07451009F67ED1C9426B91E
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 0C91FCE56063FB328F18D7EC8CD483AB
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: A15C74035EAD20546C0666F434BE0F29
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13208641
Frame ID: 4D56D1EF9FA044E87D5A30E54585BEE5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: D37C351C3BE8C36A42DBB849C6075040
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1640364363534
Frame ID: B05371B20309D7034541522FC8EBFECB
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: DD0B8BD4FF43DF469F1EC38BE2666E92
Requests: 1 HTTP requests in this frame

Frame: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3F1C09966D8B63BE565DBAB462598342
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: EEEDF5CF19B808A47F5BC625AF2350B3
Requests: 1 HTTP requests in this frame

Frame: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BCE52D52E904AED80B57981C41E2A4FA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ast/ast.js
Frame ID: 949AFDBA85BF47B252BA9731F5C67EDC
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 79671BABE7184E767C282629853DF829
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Frame ID: 825F7E6CAB84D49F1FC34ACC2C0F474C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: F47089C39221B54D464F518A9DE9750B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2854&pub_id=1190210
Frame ID: 33BCD3DCE81F8D10B810DBAC107DD246
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=http://betweenusparents.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 4CE3A903756619E8D527763E0260AC55
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=http://betweenusparents.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 4CB442CE7F0FA567E0D5EDEAA7FB798A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=http://betweenusparents.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 2C40CF53C796F3C132E5D62BC14E5F37
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=http://betweenusparents.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 6636EA8B2C41790F5D81234982B6AD40
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=http://betweenusparents.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 7C70B87F0DF9262ED40C4114F4597388
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: C9ED88A3655F3A501DDD4A429BA89008
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

70 Printable Christmas scavenger hunt clues - Between Us Parents

Page URL History Show full URLs

  1. http://betweenusparents.com/christmas-scavenger-hunt-clues HTTP 301
    http://betweenusparents.com/christmas-scavenger-hunt-clues/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • c\.evidon\.com
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • //assets\.pinterest\.com/js/pinit\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

862
Requests

83 %
HTTPS

23 %
IPv6

71
Domains

134
Subdomains

104
IPs

8
Countries

6133 kB
Transfer

14432 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://betweenusparents.com/christmas-scavenger-hunt-clues HTTP 301
    http://betweenusparents.com/christmas-scavenger-hunt-clues/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 39
  • http://www.nokidhungry.org/images/NKH_Blogger_badge2.png HTTP 301
  • https://www.nokidhungry.org/images/NKH_Blogger_badge2.png
Request Chain 45
  • http://assets.pinterest.com/js/pinit.js HTTP 307
  • https://assets.pinterest.com/js/pinit.js
Request Chain 66
  • http://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586 HTTP 307
  • https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Request Chain 93
  • http://ats.rlcdn.com/ats.js HTTP 301
  • https://ats.rlcdn.com/ats.js
Request Chain 95
  • http://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js HTTP 301
  • https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Request Chain 105
  • http://js.gumgum.com/services.js HTTP 301
  • https://js.gumgum.com/services.js
Request Chain 108
  • http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 301
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
Request Chain 464
  • http://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 581
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61c5f94c02e18%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61c5f94c02e18%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=fc1682e6-64d8-11ec-8c61-1a404fd50206 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61c5f94c02e18&pixel=&advId=94&advUuid=fc168277-64d8-11ec-8c61-1a404fd50206
Request Chain 595
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61c5f94c02e18%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61c5f94c02e18&pixel=&advId=93&advUuid=a78a1cc0-2346-40ab-895f-16ca1f5b0b78
Request Chain 596
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61c5f94c02e18%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61c5f94c02e18%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61c5f94c02e18&pixel=&advId=99&advUuid=YcX5THQKXxJ536xCqZoe6gAABL0AAAIB
Request Chain 598
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61c5f94c02e18%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61c5f94c02e18&pixel=&advId=105&advUuid=8808822811383001847
Request Chain 615
  • https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=6577755767712387454&tag_id=13079169&creative_id=328611590&creative_size=320x50&reserve_price=0&price_paid=0.68931&bid_price=0.68931&ecp=4.58&referer_url_enc=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&user_id=8808822811383001847&user_ip=91.238.82.155&age=0&gender=u&session_freq=-1&adv_id=3671971&cpg_id=15616128&cp_id=265655578&seg_ids=&adv_freq=0&site_id=3456823&publisher_id=1190210&inv_class=&inv_source_id=&geo_lat=&geo_lon=&ext_app_id=&msft_app_id=${MSFT_APP_ID}&device_md5=&device_sha1=&device_openudid=&device_odin=&device_apple_ida=&device_make_id=0&device_model_id=0&carrier_id=1 HTTP 302
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D61c5f94dda342e000138806a%26chc%3Daf%26floc%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx HTTP 302
  • https://map.go.affec.tv/map/an/8808822811383001847?ch=61c5f94dda342e000138806a&chc=af&floc=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
  • https://go.affec.tv/px
Request Chain 660
  • http://cdn.tynt.com/rciv.js HTTP 301
  • https://cdn.tynt.com/rciv.js
Request Chain 679
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=yHjFDAosvdfRCyijbIn9&pi=admatic&tc=1
Request Chain 680
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Request Chain 689
  • https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=8918758925964133359&tag_id=13079169&creative_id=328611586&creative_size=728x90&reserve_price=0&price_paid=0.68931&bid_price=0.68931&ecp=4.58&referer_url_enc=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&user_id=8808822811383001847&user_ip=91.238.82.155&age=0&gender=u&session_freq=-1&adv_id=3671971&cpg_id=15616128&cp_id=265655578&seg_ids=&adv_freq=0&site_id=3456823&publisher_id=1190210&inv_class=&inv_source_id=&geo_lat=&geo_lon=&ext_app_id=&msft_app_id=${MSFT_APP_ID}&device_md5=&device_sha1=&device_openudid=&device_odin=&device_apple_ida=&device_make_id=0&device_model_id=0&carrier_id=1 HTTP 302
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D61c5f94ebea1e3000102c69a%26chc%3Daf%26floc%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx HTTP 302
  • https://map.go.affec.tv/map/an/8808822811383001847?ch=61c5f94ebea1e3000102c69a&chc=af&floc=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
  • https://go.affec.tv/px
Request Chain 692
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 717
  • https://ih.adscale.de/uu?cbfn=receive&t=1640364366 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1640364366&nut&uu=12a0059abee44a4ba0a1467b5280dd8d
Request Chain 732
  • https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=457507376384018983&tag_id=13079169&creative_id=328611585&creative_size=300x250&reserve_price=0&price_paid=0.68931&bid_price=0.68931&ecp=4.58&referer_url_enc=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&user_id=8808822811383001847&user_ip=91.238.82.155&age=0&gender=u&session_freq=-1&adv_id=3671971&cpg_id=15616128&cp_id=265655578&seg_ids=&adv_freq=0&site_id=3456823&publisher_id=1190210&inv_class=&inv_source_id=&geo_lat=&geo_lon=&ext_app_id=&msft_app_id=${MSFT_APP_ID}&device_md5=&device_sha1=&device_openudid=&device_odin=&device_apple_ida=&device_make_id=0&device_model_id=0&carrier_id=1 HTTP 302
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D61c5f94ebea1e3000102c6d0%26chc%3Daf%26floc%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx HTTP 302
  • https://map.go.affec.tv/map/an/8808822811383001847?ch=61c5f94ebea1e3000102c6d0&chc=af&floc=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
  • https://go.affec.tv/px
Request Chain 760
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEH_s3a2Tocn4UWFlHQdoJTA&google_cver=1&google_push=AYg5qPI-PhDFj5Jto5PfC3bOgPN4tQQgMs7-N95ECrkU7yrHAHXC0l6VMir_SgTww3dUJ-m3LVJHkY9qvxq6p8YTN6swoRfB6Nnd HTTP 302
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEH_s3a2Tocn4UWFlHQdoJTA&google_cver=1&google_push=AYg5qPI-PhDFj5Jto5PfC3bOgPN4tQQgMs7-N95ECrkU7yrHAHXC0l6VMir_SgTww3dUJ-m3LVJHkY9qvxq6p8YTN6swoRfB6Nnd&checkcookies=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=TAeLYs0U8v68s7Jd7e3VTw&google_push=AYg5qPI-PhDFj5Jto5PfC3bOgPN4tQQgMs7-N95ECrkU7yrHAHXC0l6VMir_SgTww3dUJ-m3LVJHkY9qvxq6p8YTN6swoRfB6Nnd
Request Chain 761
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEO0WBSa8g56eACquSwATh4o&google_cver=1&google_push=AYg5qPIhE0qTxHmfMNfPfDmWi-zVEy0bl-5Ds12QdCj6a2TVtUamk2xIV69T8kiWpZFnmOUrL52e4lJPIrUnccq5xH_snu4x8xDz HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEO0WBSa8g56eACquSwATh4o&google_cver=1&google_push=AYg5qPIhE0qTxHmfMNfPfDmWi-zVEy0bl-5Ds12QdCj6a2TVtUamk2xIV69T8kiWpZFnmOUrL52e4lJPIrUnccq5xH_snu4x8xDz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIhE0qTxHmfMNfPfDmWi-zVEy0bl-5Ds12QdCj6a2TVtUamk2xIV69T8kiWpZFnmOUrL52e4lJPIrUnccq5xH_snu4x8xDz&google_hm=0DJBwdF5R72zG_ny9TiqxQ==
Request Chain 762
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBTILIuFrd3EqThmyFnYIlA&google_cver=1&google_push=AYg5qPLJsv_BXUAIglWCmn0a0t3jv4pSm457qjQvfNZ2BgKg3vguXsUhihZW_D0G6hCzNrgoA32RFZe0CEaeZh4ur8fnK77mk8VD HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBTILIuFrd3EqThmyFnYIlA&google_cver=1&google_push=AYg5qPLJsv_BXUAIglWCmn0a0t3jv4pSm457qjQvfNZ2BgKg3vguXsUhihZW_D0G6hCzNrgoA32RFZe0CEaeZh4ur8fnK77mk8VD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODg5NzM2MTQ3MTQwMjgyOTUxNQ&google_push=AYg5qPLJsv_BXUAIglWCmn0a0t3jv4pSm457qjQvfNZ2BgKg3vguXsUhihZW_D0G6hCzNrgoA32RFZe0CEaeZh4ur8fnK77mk8VD
Request Chain 763
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHx8lKRrhh1PMjij2_OmEkk&google_cver=1&google_push=AYg5qPLcKpP1Q2rNdHvLl3yyNzTXIkvHEhQquAOb9ljL8Xxnr9C1WJ3cG62INDive2mIxQHUS_BGYmhhsd4OkC0-Qkuv4z5ZxIks HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcX5THQKXxJ536xCqZoe6gAABL0AAAIB&google_gid=CAESEHx8lKRrhh1PMjij2_OmEkk&google_cver=1&google_push=AYg5qPLcKpP1Q2rNdHvLl3yyNzTXIkvHEhQquAOb9ljL8Xxnr9C1WJ3cG62INDive2mIxQHUS_BGYmhhsd4OkC0-Qkuv4z5ZxIks HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcX5THQKXxJ536xCqZoe6gAABL0AAAIB&google_gid=CAESEHx8lKRrhh1PMjij2_OmEkk&google_cver=1&google_push=AYg5qPLcKpP1Q2rNdHvLl3yyNzTXIkvHEhQquAOb9ljL8Xxnr9C1WJ3cG62INDive2mIxQHUS_BGYmhhsd4OkC0-Qkuv4z5ZxIks HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcX5THQKXxJ536xCqZoe6gAABL0AAAIB&google_gid=CAESEHx8lKRrhh1PMjij2_OmEkk&google_cver=1&google_push=AYg5qPLcKpP1Q2rNdHvLl3yyNzTXIkvHEhQquAOb9ljL8Xxnr9C1WJ3cG62INDive2mIxQHUS_BGYmhhsd4OkC0-Qkuv4z5ZxIks HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcX5THQKXxJ536xCqZoe6gAABL0AAAIB&google_gid=CAESEHx8lKRrhh1PMjij2_OmEkk&google_cver=1&google_push=AYg5qPLcKpP1Q2rNdHvLl3yyNzTXIkvHEhQquAOb9ljL8Xxnr9C1WJ3cG62INDive2mIxQHUS_BGYmhhsd4OkC0-Qkuv4z5ZxIks HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcX5THQKXxJ536xCqZoe6gAABL0AAAIB&google_gid=CAESEHx8lKRrhh1PMjij2_OmEkk&google_cver=1&google_push=AYg5qPLcKpP1Q2rNdHvLl3yyNzTXIkvHEhQquAOb9ljL8Xxnr9C1WJ3cG62INDive2mIxQHUS_BGYmhhsd4OkC0-Qkuv4z5ZxIks HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcX5THQKXxJ536xCqZoe6gAABL0AAAIB&google_gid=CAESEHx8lKRrhh1PMjij2_OmEkk&google_cver=1&google_push=AYg5qPLcKpP1Q2rNdHvLl3yyNzTXIkvHEhQquAOb9ljL8Xxnr9C1WJ3cG62INDive2mIxQHUS_BGYmhhsd4OkC0-Qkuv4z5ZxIks
Request Chain 764
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEL2GAEdbN7qmPWc0qmbCWkE&google_cver=1&google_push=AYg5qPJDQCmyIc_sT5zh8Lq7UiDOteeLyb2-mHImpNZRnH415jofwZd3Fi8sAYbmelG5sCcFHbizfmAFHqv7UA7QwbkqwaVMKKQ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJDQCmyIc_sT5zh8Lq7UiDOteeLyb2-mHImpNZRnH415jofwZd3Fi8sAYbmelG5sCcFHbizfmAFHqv7UA7QwbkqwaVMKKQ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJDQCmyIc_sT5zh8Lq7UiDOteeLyb2-mHImpNZRnH415jofwZd3Fi8sAYbmelG5sCcFHbizfmAFHqv7UA7QwbkqwaVMKKQ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJDQCmyIc_sT5zh8Lq7UiDOteeLyb2-mHImpNZRnH415jofwZd3Fi8sAYbmelG5sCcFHbizfmAFHqv7UA7QwbkqwaVMKKQ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJDQCmyIc_sT5zh8Lq7UiDOteeLyb2-mHImpNZRnH415jofwZd3Fi8sAYbmelG5sCcFHbizfmAFHqv7UA7QwbkqwaVMKKQ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJDQCmyIc_sT5zh8Lq7UiDOteeLyb2-mHImpNZRnH415jofwZd3Fi8sAYbmelG5sCcFHbizfmAFHqv7UA7QwbkqwaVMKKQ5
Request Chain 765
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKmb50tqUsadAN9YD-GS_8k&google_cver=1&google_push=AYg5qPLqRM7hYg1j9uYd8X5ZvbQVA36srn2wJTFzclW2ScOjSRR5_hmtuTrkX4nUa_WwjRgjHUwx4q1c6TJEBqrEk4zNOJUbC4yF HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLqRM7hYg1j9uYd8X5ZvbQVA36srn2wJTFzclW2ScOjSRR5_hmtuTrkX4nUa_WwjRgjHUwx4q1c6TJEBqrEk4zNOJUbC4yF&google_gid=CAESEKmb50tqUsadAN9YD-GS_8k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMxODUwMjgxODA1MjYyOTI1NjQ%3D&google_push=AYg5qPLqRM7hYg1j9uYd8X5ZvbQVA36srn2wJTFzclW2ScOjSRR5_hmtuTrkX4nUa_WwjRgjHUwx4q1c6TJEBqrEk4zNOJUbC4yF
Request Chain 850
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=42254dba-a42f-47fe-90f3-3a08c2461b74&_origin=1&gdpr=1&gdpr_consent=

862 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
betweenusparents.com/christmas-scavenger-hunt-clues/
Redirect Chain
  • http://betweenusparents.com/christmas-scavenger-hunt-clues
  • http://betweenusparents.com/christmas-scavenger-hunt-clues/
73 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
149.47.142.178 , United States, ASN62729 (ASMALLORANGE1, US),
Reverse DNS
tang.asoshared.com
Software
Apache /
Resource Hash
cfbd9ff366afcbba46d312cb9bb8357c5fee66d3540591919a6c302e3f8ef77c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Fri, 24 Dec 2021 16:45:58 GMT
Server
Apache
X-Pingback
http://betweenusparents.com/xmlrpc.php
Link
<http://betweenusparents.com/wp-json/>; rel="https://api.w.org/", <https://wp.me/p7lBhy-2vb>; rel=shortlink
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=15, max=511
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Fri, 24 Dec 2021 16:45:57 GMT
Server
Apache
X-Pingback
http://betweenusparents.com/xmlrpc.php
X-Redirect-By
WordPress
Location
http://betweenusparents.com/christmas-scavenger-hunt-clues/
Content-Length
0
Keep-Alive
timeout=15, max=512
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
shareaholic.js
cdn.shareaholic.net/assets/pub/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.shareaholic.net/assets/pub/shareaholic.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
13d26038ec762766f7958ed656eec65150e1661669694712cd6b949c2cf205a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Dec 2021 20:43:26 GMT
Server
nginx
x-amz-request-id
ZRDTDCQJYXBA4JKZ
ETag
"9c3909812636c5c4313d338337bc9a46"
X-HW
1640364360.cds033.ml1.h2,1640364360.cds214.ml1.c
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=1200, public
Connection
keep-alive
Accept-Ranges
bytes
X-Hello-Human
Join the fun! Apply at www.shareaholic.com/jobs
Content-Length
4286
x-amz-id-2
Ccx14sFgMCkIPbUegOyHDQGFq2LxyWUCuxYc8P25cTVCkKtffyNUhTCgT7cu4CHE+oD40DGBA6s=
public.css
betweenusparents.com/wp-content/plugins/pinterest-pin-it-button/css/ 		1 KB
758 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://betweenusparents.com/wp-content/plugins/pinterest-pin-it-button/css/public.css?ver=2.1.0.1
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
149.47.142.178 , United States, ASN62729 (ASMALLORANGE1, US),
Reverse DNS
tang.asoshared.com
Software
Apache /
Resource Hash
96215c4a18982853f076db794ca4dc3bf7f34d905c440eac6ee30749112356b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/christmas-scavenger-hunt-clues/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Jun 2015 03:39:27 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=512
Content-Length
469
style.css
betweenusparents.com/wp-content/themes/daily-dish-pro/ 		37 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://betweenusparents.com/wp-content/themes/daily-dish-pro/style.css?ver=1.0.1
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
149.47.142.178 , United States, ASN62729 (ASMALLORANGE1, US),
Reverse DNS
tang.asoshared.com
Software
Apache /
Resource Hash
522ce917b093449e2aa5ba01233d679cb1a561428e512d8358096a490e226393

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/christmas-scavenger-hunt-clues/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Mar 2016 02:54:32 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=512
Content-Length
10406
style.min.css
c0.wp.com/c/5.2.13/wp-includes/css/dist/block-library/ 		29 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.2.13/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
857c89b90bea6b75f04b6cc7b659594ea58b72724f1c6dde3955c958d4627245
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 24 Dec 2021 16:46:00 GMT
content-encoding
br
last-modified
Fri, 05 Feb 2021 03:20:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 24 Dec 2022 16:46:00 GMT
dashicons.min.css
c0.wp.com/c/5.2.13/wp-includes/css/ 		46 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.2.13/wp-includes/css/dashicons.min.css
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
de7bdcb93f2804e963f238713752a30a22a3a3afef6070fb78d206e6199cd353
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 24 Dec 2021 16:46:00 GMT
content-encoding
br
last-modified
Fri, 26 Mar 2021 20:03:48 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 24 Dec 2022 16:46:00 GMT
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Alice%7CLato%3A400%2C700%2C900&ver=1.0.1
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
60920f471a20be5f2d464c5c12952c44a9c1cc1e0bb5f314f632914bf4e40aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Fri, 24 Dec 2021 16:46:00 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Fri, 24 Dec 2021 16:46:00 GMT
jetpack.css
c0.wp.com/p/jetpack/8.3.1/css/ 		70 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/8.3.1/css/jetpack.css
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
9dd1db00ed32d1cf4187f2ae448791d5c1f1478521cf9fa6ac2c63d65f0c6cfe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 24 Dec 2021 16:46:00 GMT
content-encoding
br
last-modified
Tue, 25 Feb 2020 15:20:36 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 24 Dec 2022 16:46:00 GMT
frontend.js
betweenusparents.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://betweenusparents.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend.js?ver=6.0.2
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
149.47.142.178 , United States, ASN62729 (ASMALLORANGE1, US),
Reverse DNS
tang.asoshared.com
Software
Apache /
Resource Hash
9b5b9b8b1984a7b55656ca3d243deb436e049467353f6e61e73ac8bd0ab2a636

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/christmas-scavenger-hunt-clues/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Mar 2020 21:33:33 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=512
Content-Length
6533
jquery.js
c0.wp.com/c/5.2.13/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.2.13/wp-includes/js/jquery/jquery.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 24 Dec 2021 16:46:00 GMT
content-encoding
br
last-modified
Fri, 17 May 2019 17:08:53 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 24 Dec 2022 16:46:00 GMT
jquery-migrate.min.js
c0.wp.com/c/5.2.13/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.2.13/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 24 Dec 2021 16:46:00 GMT
content-encoding
br
last-modified
Fri, 20 May 2016 06:11:28 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 24 Dec 2022 16:46:00 GMT
responsive-menu.js
betweenusparents.com/wp-content/themes/daily-dish-pro/js/ 		789 B
637 B 		Script
General
Check archive.org
Download Go to
Full URL
http://betweenusparents.com/wp-content/themes/daily-dish-pro/js/responsive-menu.js?ver=1.0.0
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
149.47.142.178 , United States, ASN62729 (ASMALLORANGE1, US),
Reverse DNS
tang.asoshared.com
Software
Apache /
Resource Hash
b0feea714c1dbdac5aa7b7ec657cebb69aeda9e16cc4d9e40d0c9d8e6a3737b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/christmas-scavenger-hunt-clues/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Mar 2016 02:17:18 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=512
Content-Length
334
e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
monu.delivery/site/a/c/ 		577 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
cd16b81c5c418eabe8b4e37cc0a2cdc6fda1b5d75fefd73c31923c95cab40fdc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:00 GMT
Content-Encoding
gzip
Content-Type
application/javascript
Age
0
Transfer-Encoding
chunked
X-Cache
MISS
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Last-Modified
Tue, 21 Dec 2021 00:28:03 GMT
Server
nginx
Vary
Accept-Encoding
x-goog-hash
crc32c=EOhk7w==, md5=/t29zMb4vQRnMHfHNKXqMQ==
x-goog-generation
1640046483499852
Via
1.1 google
Cache-Control
max-age=7200
x-goog-stored-content-length
590805
X-GUploader-UploadID
ADPycdsYs7R4iYALTIBEHzvWsmtg9xCD7-XyUaiZ6G-8c1b3xB4Npd36lei1lJ7BboOlSpiXlFl6hYEnpI24i44Zs3EoWCI0hQ
Expires
Fri, 24 Dec 2021 18:46:00 GMT
Christmas-Scavenger-Hunt-Clues.jpg
i0.wp.com/betweenusparents.com/wp-content/uploads/2018/12/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/betweenusparents.com/wp-content/uploads/2018/12/Christmas-Scavenger-Hunt-Clues.jpg?resize=640%2C427
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
06d46b268808dd72fab2fd92db6a639f8c5e508d4789da20c3cefe518d1ac2b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 24 Dec 2021 16:46:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 12:55:55 GMT
server
nginx
etag
"cf17ceea30b01dd3"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://betweenusparents.com/wp-content/uploads/2018/12/Christmas-Scavenger-Hunt-Clues.jpg>; rel="canonical"
content-length
60038
expires
Fri, 03 Nov 2023 00:55:55 GMT
Christmas-Scavenger-Hunt-Clues1.jpg
i2.wp.com/betweenusparents.com/wp-content/uploads/2018/12/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/betweenusparents.com/wp-content/uploads/2018/12/Christmas-Scavenger-Hunt-Clues1.jpg?resize=300%2C300
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
759345e1bf96afe2f7a50af2a3499a815c16c9dc8d6ad1d91e8f49c92e5a52e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 24 Dec 2021 16:46:00 GMT
x-content-type-options
nosniff
last-modified
Wed, 10 Nov 2021 16:44:29 GMT
server
nginx
etag
"2380ecd33b3cc80d"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://betweenusparents.com/wp-content/uploads/2018/12/Christmas-Scavenger-Hunt-Clues1.jpg>; rel="canonical"
content-length
17852
expires
Sat, 11 Nov 2023 04:44:29 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4266
date
Fri, 24 Dec 2021 15:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 24 Dec 2021 17:34:54 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Scavenger-Hunt-Clues-from-Tween-Us.jpg
i2.wp.com/betweenusparents.com/wp-content/uploads/2018/12/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/betweenusparents.com/wp-content/uploads/2018/12/Scavenger-Hunt-Clues-from-Tween-Us.jpg?resize=300%2C300
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
a9003fb8ab07ef488cd83fcfbde38b52680f2a6781e6ab5b9bb3e245dd8f2593
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 24 Dec 2021 16:46:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Nov 2021 12:09:28 GMT
server
nginx
etag
"db3624c7a0081f62"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://betweenusparents.com/wp-content/uploads/2018/12/Scavenger-Hunt-Clues-from-Tween-Us.jpg>; rel="canonical"
content-length
18756
expires
Thu, 09 Nov 2023 00:09:28 GMT
Printable-Christmas-Scavenger-Hunt-Clues-4.jpg
i2.wp.com/betweenusparents.com/wp-content/uploads/2018/12/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/betweenusparents.com/wp-content/uploads/2018/12/Printable-Christmas-Scavenger-Hunt-Clues-4.jpg?resize=280%2C300
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
e64e2b0edf0e658a45c9c7648cf81b5c2084c01d35199a6f40ea9cdfd9f55f8f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 24 Dec 2021 16:46:00 GMT
x-content-type-options
nosniff
last-modified
Wed, 10 Nov 2021 16:44:29 GMT
server
nginx
etag
"c24bfb17cb0b74d3"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://betweenusparents.com/wp-content/uploads/2018/12/Printable-Christmas-Scavenger-Hunt-Clues-4.jpg>; rel="canonical"
content-length
14256
expires
Sat, 11 Nov 2023 04:44:29 GMT
Printable-Christmas-Scavenger-Hunt-Clues-7.jpg
i2.wp.com/betweenusparents.com/wp-content/uploads/2018/12/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/betweenusparents.com/wp-content/uploads/2018/12/Printable-Christmas-Scavenger-Hunt-Clues-7.jpg?resize=250%2C300
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
4aceccfa9c85221f174b65ae2ded31c2563d5d85c3669644cd3221add7d9d3b7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 24 Dec 2021 16:46:00 GMT
x-content-type-options
nosniff
last-modified
Sat, 06 Nov 2021 16:05:35 GMT
server
nginx
etag
"59b09ad8846c1b0b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://betweenusparents.com/wp-content/uploads/2018/12/Printable-Christmas-Scavenger-Hunt-Clues-7.jpg>; rel="canonical"
content-length
19412
expires
Tue, 07 Nov 2023 04:05:35 GMT
Holiday-Scavenger-Hunt-6.jpg
i2.wp.com/betweenusparents.com/wp-content/uploads/2018/12/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/betweenusparents.com/wp-content/uploads/2018/12/Holiday-Scavenger-Hunt-6.jpg?resize=251%2C300
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
7c142e52130e32c42649db4db130aeb9b8d7a98015b74e409c8a22cb9a01be22
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Fri, 24 Dec 2021 16:46:00 GMT
x-content-type-options
nosniff
last-modified
Wed, 10 Nov 2021 16:44:29 GMT
server
nginx
etag
"7942211194662bfc"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://betweenusparents.com/wp-content/uploads/2018/12/Holiday-Scavenger-Hunt-6.jpg>; rel="canonical"
content-length
16722
expires
Sat, 11 Nov 2023 04:44:29 GMT
Christmas-Scavenger-Hunt-2018.jpg
i2.wp.com/betweenusparents.com/wp-content/uploads/2018/12/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/betweenusparents.com/wp-content/uploads/2018/12/Christmas-Scavenger-Hunt-2018.jpg?resize=240%2C300
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
1d1705a6c6b4d4abc8e96bc116bf18da3c52da9025ed2fec99283e4325237c8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Fri, 24 Dec 2021 16:46:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Nov 2021 07:11:02 GMT
server
nginx
etag
"d2dcc0f233e09e70"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://betweenusparents.com/wp-content/uploads/2018/12/Christmas-Scavenger-Hunt-2018.jpg>; rel="canonical"
content-length
17134
expires
Wed, 01 Nov 2023 19:11:02 GMT
Holiday-Scavenger-Hunt-Clues-2019-4.jpg
i0.wp.com/betweenusparents.com/wp-content/uploads/2019/12/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/betweenusparents.com/wp-content/uploads/2019/12/Holiday-Scavenger-Hunt-Clues-2019-4.jpg?resize=232%2C300
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
a8107d0c473dd70c3458cd6904f08e68aa25855fe8a5422f6481b8dfc7e65cad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Fri, 24 Dec 2021 16:46:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 12:55:55 GMT
server
nginx
etag
"e9d0e0cbc679c182"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://betweenusparents.com/wp-content/uploads/2019/12/Holiday-Scavenger-Hunt-Clues-2019-4.jpg>; rel="canonical"
content-length
15172
expires
Fri, 03 Nov 2023 00:55:55 GMT
Printable-Scavenger-Hunt-Clues.jpg
i1.wp.com/betweenusparents.com/wp-content/uploads/2018/12/ 		117 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/betweenusparents.com/wp-content/uploads/2018/12/Printable-Scavenger-Hunt-Clues.jpg?w=600
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
78896aa44daa2f06b03629a5f826939da0bbc72ddcddf8a72a69679e1618acb3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 24 Dec 2021 16:46:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 18:39:39 GMT
server
nginx
etag
"fe4c604c448b75fb"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://betweenusparents.com/wp-content/uploads/2018/12/Printable-Scavenger-Hunt-Clues.jpg>; rel="canonical"
content-length
119726
expires
Wed, 20 Sep 2023 06:39:39 GMT
pin_it_button.png
i0.wp.com/assets.pinterest.com/images/pidgets/ 		472 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/assets.pinterest.com/images/pidgets/pin_it_button.png
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
46c1216e273616fff4850dd9092e9a7a2d5d55cec93a8a3810302208133794c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Fri, 24 Dec 2021 16:46:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 08:23:33 GMT
server
nginx
etag
"78588877faf6e764"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://assets.pinterest.com/images/pidgets/pin_it_button.png>; rel="canonical"
content-length
472
expires
Sat, 05 Nov 2022 20:23:33 GMT
BUP-facebook-1.png
betweenusparents.com/wp-content/uploads/2016/03/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://betweenusparents.com/wp-content/uploads/2016/03/BUP-facebook-1.png
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
149.47.142.178 , United States, ASN62729 (ASMALLORANGE1, US),
Reverse DNS
tang.asoshared.com
Software
Apache /
Resource Hash
672cada93d9ba45aed9a8cd818e9ee918ecd00cca1149cbf4a87fb479eabaae3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/christmas-scavenger-hunt-clues/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:00 GMT
Last-Modified
Tue, 15 Mar 2016 04:46:18 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=511
Content-Length
4419
BUP-youtube.png
betweenusparents.com/wp-content/uploads/2016/03/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://betweenusparents.com/wp-content/uploads/2016/03/BUP-youtube.png
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
149.47.142.178 , United States, ASN62729 (ASMALLORANGE1, US),
Reverse DNS
tang.asoshared.com
Software
Apache /
Resource Hash
6b27080d88dbe5bce3946fc60c6e7f70a9470bc0225200a0c497650909c2cea3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/christmas-scavenger-hunt-clues/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:00 GMT
Last-Modified
Tue, 15 Mar 2016 04:46:16 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=511
Content-Length
5244
BUP-twitter-1.png
betweenusparents.com/wp-content/uploads/2016/03/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://betweenusparents.com/wp-content/uploads/2016/03/BUP-twitter-1.png
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
149.47.142.178 , United States, ASN62729 (ASMALLORANGE1, US),
Reverse DNS
tang.asoshared.com
Software
Apache /
Resource Hash
fd7655f0dd91ac92c4d1e076a3bd11b92d98428e14b40403f5f6e9d9d04ba5ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/christmas-scavenger-hunt-clues/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:00 GMT
Last-Modified
Tue, 15 Mar 2016 04:46:15 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=510
Content-Length
4751
BUP-pinterest_edited-1.png
betweenusparents.com/wp-content/uploads/2016/03/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://betweenusparents.com/wp-content/uploads/2016/03/BUP-pinterest_edited-1.png
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
149.47.142.178 , United States, ASN62729 (ASMALLORANGE1, US),
Reverse DNS
tang.asoshared.com
Software
Apache /
Resource Hash
675460a5f8ea099760c1d3f16de4fcd79b3f00cdcfc7925dc69f4ff1e8ecc974

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/christmas-scavenger-hunt-clues/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:00 GMT
Last-Modified
Tue, 15 Mar 2016 04:46:13 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=510
Content-Length
6502
BUP-google-1.png
betweenusparents.com/wp-content/uploads/2016/03/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://betweenusparents.com/wp-content/uploads/2016/03/BUP-google-1.png
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
149.47.142.178 , United States, ASN62729 (ASMALLORANGE1, US),
Reverse DNS
tang.asoshared.com
Software
Apache /
Resource Hash
0876851e1dbc04e47be8ea656082399e610a7c0048064ee713733e4d42cfa36c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/christmas-scavenger-hunt-clues/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:00 GMT
Last-Modified
Tue, 15 Mar 2016 04:46:12 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=512
Content-Length
5191
BUP-insta.png
betweenusparents.com/wp-content/uploads/2016/03/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://betweenusparents.com/wp-content/uploads/2016/03/BUP-insta.png
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
149.47.142.178 , United States, ASN62729 (ASMALLORANGE1, US),
Reverse DNS
tang.asoshared.com
Software
Apache /
Resource Hash
1c40ff524160915c634c9c4d52c18c19dac8acf14dd57568860cf335fd30cc37

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/christmas-scavenger-hunt-clues/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:00 GMT
Last-Modified
Tue, 15 Mar 2016 04:46:10 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=510
Content-Length
6141
Shannan-BioBox.png
i2.wp.com/betweenusparents.com/wp-content/uploads/2016/03/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/betweenusparents.com/wp-content/uploads/2016/03/Shannan-BioBox.png
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
660fb70b3682b3fc1462bdfd76a396fc99d1b3bdb26e56731093606b89da58bc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Fri, 24 Dec 2021 16:46:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:59:18 GMT
server
nginx
etag
"435d899940c2fabf"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://betweenusparents.com/wp-content/uploads/2016/03/Shannan-BioBox.png>; rel="canonical"
content-length
21914
expires
Sun, 06 Nov 2022 10:59:18 GMT
BUP-Subscribe-2.png
i0.wp.com/betweenusparents.com/wp-content/uploads/2016/03/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/betweenusparents.com/wp-content/uploads/2016/03/BUP-Subscribe-2.png
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
6b34cdb49a6b0735d1dbabe5a0192c63f0210b516763af8bc56cbc1d554f2992
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Fri, 24 Dec 2021 16:46:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:59:17 GMT
server
nginx
etag
"c0b9756e20f4c59a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://betweenusparents.com/wp-content/uploads/2016/03/BUP-Subscribe-2.png>; rel="canonical"
content-length
3844
expires
Sun, 06 Nov 2022 10:59:17 GMT
BUP-Teens_edited-1.png
i0.wp.com/betweenusparents.com/wp-content/uploads/2016/03/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/betweenusparents.com/wp-content/uploads/2016/03/BUP-Teens_edited-1.png?w=290
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
26873785c8abcd72a8981e4eaf6bba59cb34de72dc062610ec339ed5c0ebcc26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Fri, 24 Dec 2021 16:46:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Nov 2020 13:44:29 GMT
server
nginx
etag
"694e4a4806e07e15"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://betweenusparents.com/wp-content/uploads/2016/03/BUP-Teens_edited-1.png>; rel="canonical"
content-length
1366
expires
Wed, 02 Nov 2022 01:44:29 GMT
BUP-Taste-Treats-1.png
i2.wp.com/betweenusparents.com/wp-content/uploads/2016/03/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/betweenusparents.com/wp-content/uploads/2016/03/BUP-Taste-Treats-1.png?w=290
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
93cf73d27640f5b49e2094b5dd58b2d23d596aa5f071605207600ea8fee1d126
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Fri, 24 Dec 2021 16:46:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:59:17 GMT
server
nginx
etag
"e3d7f333fd8e9985"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://betweenusparents.com/wp-content/uploads/2016/03/BUP-Taste-Treats-1.png>; rel="canonical"
content-length
2114
expires
Sun, 06 Nov 2022 10:59:17 GMT
BUP-TV-Movies-2.png
i1.wp.com/betweenusparents.com/wp-content/uploads/2016/03/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/betweenusparents.com/wp-content/uploads/2016/03/BUP-TV-Movies-2.png?w=290
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
3bf31d3bb30bfc934b26061f68b8b95ba5487c7d715ad488270e250f2e447b33
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Fri, 24 Dec 2021 16:46:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Nov 2020 13:44:29 GMT
server
nginx
etag
"2d6ac66901021ad1"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://betweenusparents.com/wp-content/uploads/2016/03/BUP-TV-Movies-2.png>; rel="canonical"
content-length
1978
expires
Wed, 02 Nov 2022 01:44:29 GMT
BUP-Disney.png
i2.wp.com/betweenusparents.com/wp-content/uploads/2016/03/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/betweenusparents.com/wp-content/uploads/2016/03/BUP-Disney.png?w=290
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
ecd3394fe295cf8c645fa21f81ee6255b96e660ccf4f24dc229a35c868adae1e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 24 Dec 2021 16:46:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:59:17 GMT
server
nginx
etag
"b646d88c067f0d5e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://betweenusparents.com/wp-content/uploads/2016/03/BUP-Disney.png>; rel="canonical"
content-length
1050
expires
Sun, 06 Nov 2022 10:59:17 GMT
BUP-Travel-1.png
i1.wp.com/betweenusparents.com/wp-content/uploads/2016/03/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/betweenusparents.com/wp-content/uploads/2016/03/BUP-Travel-1.png?w=290
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
c46f266191f9429ac1792fcb91750961bef967e5dcc4ccf83ba72315ada42fd5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 24 Dec 2021 16:46:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:59:17 GMT
server
nginx
etag
"100654638dfd47aa"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://betweenusparents.com/wp-content/uploads/2016/03/BUP-Travel-1.png>; rel="canonical"
content-length
1270
expires
Sun, 06 Nov 2022 10:59:17 GMT
BUP-Stitch-Fix-1.png
i0.wp.com/betweenusparents.com/wp-content/uploads/2016/03/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/betweenusparents.com/wp-content/uploads/2016/03/BUP-Stitch-Fix-1.png?w=290
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
49107d30d80dc946b41a979b8dc08bdc9c942c864a2d5f337f703f0a31e0a1b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Fri, 24 Dec 2021 16:46:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:59:17 GMT
server
nginx
etag
"083718ba2e574eb7"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://betweenusparents.com/wp-content/uploads/2016/03/BUP-Stitch-Fix-1.png>; rel="canonical"
content-length
1794
expires
Sun, 06 Nov 2022 10:59:17 GMT
widget.gif
i1.wp.com/www.bloglovin.com/widget/bilder/en/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/www.bloglovin.com/widget/bilder/en/widget.gif
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
7c78577512199119d658239f63bdc870ef17185848d0ed1c51b6df07be6458f8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Fri, 24 Dec 2021 16:46:00 GMT
x-content-type-options
nosniff
last-modified
Wed, 06 Oct 2021 10:45:12 GMT
server
nginx
etag
"df4268f3bc41b666"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://www.bloglovin.com/widget/bilder/en/widget.gif>; rel="canonical"
content-length
1082
expires
Fri, 06 Oct 2023 22:45:12 GMT
badge-alum.png
i1.wp.com/listentoyourmothershow.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/listentoyourmothershow.com/badge-alum.png
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
dbd33f805b2e94b255c73da5fca6fe75b130b00af1a9ee3d331060b087bb604b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Fri, 24 Dec 2021 16:46:00 GMT
x-content-type-options
nosniff
last-modified
Sat, 13 Jun 2020 12:55:32 GMT
server
nginx
etag
"661ddfd6a81bbddf"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://listentoyourmothershow.com/badge-alum.png>; rel="canonical"
content-length
3960
expires
Tue, 14 Jun 2022 00:55:32 GMT
NKH_Blogger_badge2.png
www.nokidhungry.org/images/
Redirect Chain
  • http://www.nokidhungry.org/images/NKH_Blogger_badge2.png
  • https://www.nokidhungry.org/images/NKH_Blogger_badge2.png
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nokidhungry.org/images/NKH_Blogger_badge2.png
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Server
2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Date
Fri, 24 Dec 2021 16:46:01 GMT
Via
1.1 varnish, 1.1 varnish
Age
57747
X-Cache
HIT, HIT
X-Cache-Hits
2, 1
Connection
keep-alive
Content-Length
162
X-Served-By
cache-mdw17353-MDW, cache-maa10223-MAA
Server
nginx
X-Timer
S1640364361.058735,VS0,VE1
Vary
Cookie, Cookie
Content-Type
text/html
Location
https://www.nokidhungry.org/images/NKH_Blogger_badge2.png
Cache-Control
public, max-age=86400
Accept-Ranges
bytes
X-Styx-Req-Id
8605c897-6452-11ec-aa2e-66b804aba09a
X-Pantheon-Styx-Hostname
styx-fe4-a-678589d996-gjwfs
bloggerbadge_150x150.png
i2.wp.com/www.chicagoparent.com/content/images/ 		65 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/www.chicagoparent.com/content/images/bloggerbadge_150x150.png
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
EXPIRED hhn 3
date
Fri, 24 Dec 2021 16:46:00 GMT
server
nginx
content-type
text/html; charset=utf-8
erma.jpg
i0.wp.com/betweenusparents.com/wp-content/uploads/2016/03/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/betweenusparents.com/wp-content/uploads/2016/03/erma.jpg
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
064c0ed336c490126870df89bbed33d1ffb5df27fb6e8b6e29108de23aa2bb93
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Fri, 24 Dec 2021 16:46:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:59:17 GMT
server
nginx
etag
"0de48e20e876eeb3"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://betweenusparents.com/wp-content/uploads/2016/03/erma.jpg>; rel="canonical"
content-length
24002
expires
Sun, 06 Nov 2022 10:59:17 GMT
load.min.js
s3.amazonaws.com/cgc-badge-v2/ 		0
360 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/cgc-badge-v2/load.min.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.205.245 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:01 GMT
Last-Modified
Fri, 07 May 2021 06:33:05 GMT
Server
AmazonS3
x-amz-request-id
6MNXVZEG0NP9NJRX
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
0
x-amz-id-2
riAWUBBNR2O4Rd64WBAHtSApmYURUsv+UWtdAmOSqjAswbc4HJ+jBZev+ODZB5V5ePtanDneZ4w=
common.js
s3.amazonaws.com/cgc-badge-v2/ 		0
360 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/cgc-badge-v2/common.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.205.245 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:01 GMT
Last-Modified
Fri, 07 May 2021 06:33:05 GMT
Server
AmazonS3
x-amz-request-id
6MNPWRKNNFY4QPXY
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
0
x-amz-id-2
Di6ZuyJ2lobIYp3AsZuutCCBpUqINRLIpsUQEhmPZgaFR0u4b1obzbmE8B3Mm4yZABnDlVn2p3g=
oRIB0614qlqLXT96oua5tF54uBA3pjWS.js
badge.clevergirlscollective.com/v2/ 		0
271 B 		Script
General
Check archive.org
Download Go to
Full URL
http://badge.clevergirlscollective.com/v2/oRIB0614qlqLXT96oua5tF54uBA3pjWS.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
34.209.120.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-120-242.us-west-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:00 GMT
Last-Modified
Sun, 06 Dec 2020 21:55:33 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5fcd5355-0"
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
pinit.js
assets.pinterest.com/js/
Redirect Chain
  • http://assets.pinterest.com/js/pinit.js
  • https://assets.pinterest.com/js/pinit.js
361 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Server
2a02:26f0:6c00:28e::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-encoding
br
x-cdn
akamai
etag
"62d32c28f14783b94192cd8d35bc010d"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=184
accept-ranges
bytes
content-length
203
access-control-expose-headers
X-CDN

Redirect headers

Location
https://assets.pinterest.com/js/pinit.js
Non-Authoritative-Reason
HSTS
photon.min.js
c0.wp.com/p/jetpack/8.3.1/_inc/build/photon/ 		755 B
423 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/8.3.1/_inc/build/photon/photon.min.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
dc844732bd61279e509bda7247ed7fca55e5fced96db9c79eed48ca084e5ce0a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 24 Dec 2021 16:46:00 GMT
content-encoding
br
last-modified
Tue, 22 Oct 2019 15:04:13 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 24 Dec 2022 16:46:00 GMT
gprofiles.js
secure.gravatar.com/js/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.gravatar.com/js/gprofiles.js?ver=2021Decaa
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3742b8f2006b7a23df3252c615bb113e94f77729ac9cc4b021e35517285cf0c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:00 GMT
content-encoding
br
last-modified
Thu, 02 Apr 2020 15:50:36 GMT
server
nginx
etag
W/"5e8609cc-5dea"
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 31 Dec 2021 16:46:00 GMT
wpgroho.js
c0.wp.com/p/jetpack/8.3.1/modules/ 		1 KB
499 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/8.3.1/modules/wpgroho.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
c1cfa5c2bce904bfc524754a954d2e062c703777ab704134dc5f619dca1e40af
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 24 Dec 2021 16:46:00 GMT
content-encoding
br
last-modified
Thu, 04 Apr 2019 21:15:29 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 24 Dec 2022 16:46:00 GMT
comment-reply.min.js
c0.wp.com/c/5.2.13/wp-includes/js/ 		2 KB
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.2.13/wp-includes/js/comment-reply.min.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
aeb40c559d97e7bbb79841388a3b9a371c1d23ad07f69499ffd0f4625c35ec61
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 24 Dec 2021 16:46:00 GMT
content-encoding
br
last-modified
Fri, 26 Mar 2021 20:03:48 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 24 Dec 2022 16:46:00 GMT
wp-embed.min.js
c0.wp.com/c/5.2.13/wp-includes/js/ 		1 KB
671 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.2.13/wp-includes/js/wp-embed.min.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 24 Dec 2021 16:46:00 GMT
content-encoding
br
last-modified
Fri, 05 Feb 2021 03:20:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 24 Dec 2022 16:46:00 GMT
spin.min.js
c0.wp.com/p/jetpack/8.3.1/_inc/build/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/8.3.1/_inc/build/spin.min.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
a5307da44321773c9f46b34d756dcbd6cd427238e5cbad91cd2cf151513ec283
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 24 Dec 2021 16:46:00 GMT
content-encoding
br
last-modified
Wed, 01 May 2019 01:21:49 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 24 Dec 2022 16:46:00 GMT
jquery.spin.min.js
c0.wp.com/p/jetpack/8.3.1/_inc/build/ 		2 KB
660 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/8.3.1/_inc/build/jquery.spin.min.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
36ad0edaf88cb19e7cbdae22470c1f124f02fd5673bf6144c0a7a9f0a8fef987
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 24 Dec 2021 16:46:00 GMT
content-encoding
br
last-modified
Wed, 01 May 2019 01:21:49 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 24 Dec 2022 16:46:00 GMT
jetpack-carousel.min.js
c0.wp.com/p/jetpack/8.3.1/_inc/build/carousel/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/8.3.1/_inc/build/carousel/jetpack-carousel.min.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
a9261574e7afe310f6aad5c96c0fddd7a080e71839332d620348e98d0badcc14
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 24 Dec 2021 16:46:00 GMT
content-encoding
br
last-modified
Tue, 22 Oct 2019 15:04:13 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sat, 24 Dec 2022 16:46:00 GMT
e-202151.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202151.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn
date
Fri, 24 Dec 2021 16:46:00 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 11 Dec 2022 21:00:11 GMT
css
fonts.googleapis.com/ 		2 KB
1021 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Bitter
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/wp-content/themes/daily-dish-pro/style.css?ver=1.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
957ad0b51445cc8397e42d7d7350d9006b4aaa7e96a73e5d04b899a78175e357
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 24 Dec 2021 15:20:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 24 Dec 2021 16:46:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Dec 2021 16:46:00 GMT
light-blue-chevron-backgrounds-fashionplacefacecom-7804-1.png
betweenusparents.com/wp-content/uploads/2016/03/ 		131 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://betweenusparents.com/wp-content/uploads/2016/03/light-blue-chevron-backgrounds-fashionplacefacecom-7804-1.png
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
149.47.142.178 , United States, ASN62729 (ASMALLORANGE1, US),
Reverse DNS
tang.asoshared.com
Software
Apache /
Resource Hash
55dce838acab15b31afe77d8ae3d8da0fc171133d078d83e0712c76d7df0d4d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/christmas-scavenger-hunt-clues/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:00 GMT
Last-Modified
Tue, 15 Mar 2016 02:52:38 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=511
Content-Length
133894
BUP-final-teals.png
betweenusparents.com/wp-content/uploads/2016/03/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://betweenusparents.com/wp-content/uploads/2016/03/BUP-final-teals.png
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
149.47.142.178 , United States, ASN62729 (ASMALLORANGE1, US),
Reverse DNS
tang.asoshared.com
Software
Apache /
Resource Hash
e6bc53436c9d91ee4207f9514e664a6b0a945582de81f72d1b04ac998918e685

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/christmas-scavenger-hunt-clues/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:00 GMT
Last-Modified
Tue, 15 Mar 2016 05:44:30 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=511
Content-Length
46160
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Alice%7CLato%3A400%2C700%2C900&ver=1.0.1
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://betweenusparents.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 22 Dec 2021 18:11:28 GMT
X-Content-Type-Options
nosniff
Age
167672
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
22572
X-XSS-Protection
0
Last-Modified
Tue, 10 Aug 2021 00:18:56 GMT
Server
sffe
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="apps-themes"
Expires
Thu, 22 Dec 2022 18:11:28 GMT
OpNCnoEEmtHa6GcOrg4.woff2
fonts.gstatic.com/s/alice/v18/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/alice/v18/OpNCnoEEmtHa6GcOrg4.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Alice%7CLato%3A400%2C700%2C900&ver=1.0.1
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73f21482958d69c7fb4481ea9f7741fe64be178081ef506805bd7bbd67cbff70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://betweenusparents.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 00:38:52 GMT
X-Content-Type-Options
nosniff
Age
58028
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
25212
X-XSS-Protection
0
Last-Modified
Wed, 15 Dec 2021 02:53:56 GMT
Server
sffe
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="apps-themes"
Expires
Sat, 24 Dec 2022 00:38:52 GMT
raxhHiqOu8IVPmnRc6SY1KXhnF_Y8fbfOLjOXQ.woff2
fonts.gstatic.com/s/bitter/v19/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/bitter/v19/raxhHiqOu8IVPmnRc6SY1KXhnF_Y8fbfOLjOXQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2fbfbe4f76c7cba63ceab257e1efa4eb79fc0389b16c097dabd20c87425da91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://betweenusparents.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 20 Dec 2021 21:26:36 GMT
x-content-type-options
nosniff
age
328764
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 23:21:23 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 20 Dec 2022 21:26:36 GMT
truncated
/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5e4b2256e6c1a6e0d31f393d0422ad333d5e71e69c0d907cd85863cbffcdf28

Request headers

Referer
Origin
http://betweenusparents.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Alice%7CLato%3A400%2C700%2C900&ver=1.0.1
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://betweenusparents.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 20 Dec 2021 18:12:30 GMT
X-Content-Type-Options
nosniff
Age
340410
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
22992
X-XSS-Protection
0
Last-Modified
Tue, 10 Aug 2021 00:18:57 GMT
Server
sffe
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="apps-themes"
Expires
Tue, 20 Dec 2022 18:12:30 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Alice%7CLato%3A400%2C700%2C900&ver=1.0.1
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://betweenusparents.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 20 Dec 2021 21:13:45 GMT
X-Content-Type-Options
nosniff
Age
329535
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
23484
X-XSS-Protection
0
Last-Modified
Tue, 10 Aug 2021 00:19:01 GMT
Server
sffe
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="apps-themes"
Expires
Tue, 20 Dec 2022 21:13:45 GMT
main.js
m9m6e2w5.stackpathcdn.com/v2/c4fde772/ 		147 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/c4fde772/main.js
Requested by
Host: cdn.shareaholic.net
URL: http://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
c9658d89a2b75cf01eece772c4eb5ad9d49cc902d0214484c697bcb9465d8cf3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:00 GMT
content-encoding
gzip
last-modified
Tue, 21 Dec 2021 20:43:23 GMT
server
nginx
x-amz-request-id
05GZ8JM87HDD2Y3V
etag
"7bf541b64e08e33a1ced3d450ba86ca3"
x-hw
1640364360.cds003.ml1.hn,1640364360.cds007.ml1.c
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
content-length
41695
x-amz-id-2
aiMlKv8pN78Qw8A4jbWuzuQEWEemHbWwAM9PaqznDzsmXNc/AlVgXErYyquRz1Wkc0BXttZVN9E=
5ef587aef2adc3ffb08df8ec5e44211c.json
www.shareaholic.net/config/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.shareaholic.net/config/5ef587aef2adc3ffb08df8ec5e44211c.json
Requested by
Host: cdn.shareaholic.net
URL: http://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.73.100.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-100-94.compute-1.amazonaws.com
Software
nginx /
Resource Hash
162abdf70510a7742c5dc313440ad7fe35a7ef80c420f1861d14558d19b8519d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-client-geo-country
DE,Deutschland
date
Fri, 24 Dec 2021 11:43:20 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
content-length
1475
server
nginx
x-client-geo-region
HE,Hessen
x-client-geo-metrocode
etag
W/"162abdf70510a7742c5dc313440ad7fe"
access-control-max-age
2000
x-client-geo-city
Frankfurt am Main
x-varnish
512383772 507392598
via
1.1 varnish (Varnish/6.0)
access-control-expose-headers
Etag, Access-Control-Allow-Origin, x-client-geo-latlong, x-client-geo-country, x-client-geo-city, x-client-geo-zip, x-client-geo-region, x-client-geo-metrocode
cache-control
max-age=3, public, must-revalidate
x-client-geo-zip
60313
accept-ranges
bytes
content-type
application/json
access-control-allow-headers
*
x-client-geo-latlong
50.118800,8.684300
likebox.php
www.facebook.com/plugins/ Frame 573C
Redirect Chain
  • http://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&app...
  • https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&ap...
14 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c62960b5051246e040079073dd0ca57db0e0f7c92bc7273a0f596b4d31bc3bb7
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
LSKXP0Yat36lYO9GZJYseXeSY2AcbRVfxxC7TCFTcm98MPg+3ESpk4AEt5jfM3hQjLMMuQrAzHYM8hHJDMzBZA==
date
Fri, 24 Dec 2021 16:46:00 GMT
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600

Redirect headers

Location
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/j/ 		2 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1664650026&t=pageview&_s=1&dl=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ul=en-us&de=UTF-8&dt=70%20Printable%20Christmas%20scavenger%20hunt%20clues%20-%20Between%20Us%20Parents&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABCAAAAC~&jid=1556468571&gjid=353620054&cid=1792763845.1640364361&tid=UA-75237338-1&_gid=477571320.1640364361&_r=1&_slc=1&z=499964189
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/csp/reporting/ Frame 573C 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
wfWsNMDQi8NbvyoZog8JRXxyLnmHkWw9Kd7IjVHMvNyrCFZfI2t0Fu6JJE3qk/gt1Z0IoujRD1ydtYPQJhq2zA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 24 Dec 2021 16:46:00 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 573C 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
L1ZYoBdzI6jZMtC26xRsYS3bEDK4etTwVQOvl9Z4s8nK3iJRuAQozyqazKonfZT64F0Xfjr25VftSnZMb6uU5Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 24 Dec 2021 16:46:00 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 573C 		0
32 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
VxxXGghfAvhog9Kqr5JU/0gW0OUP8W/xU71SGhfGLDIdmgLygZ1HK0UpAr9RJeAX9uGAoxjhtKpLnqgWtQ7GFA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 24 Dec 2021 16:46:00 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 573C 		0
34 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
Q6GhpVm9KU9Pj+KLzeW7kVDLD+pTStjkwswj6PKTm8Xb/iFP4HYwj6rl6DYiIl5GWcxyp0OTA+ukTTTqp8kwKg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 24 Dec 2021 16:46:00 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 573C 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
kYl1nz8rmfCtmdlx4K4Jl0XhtSsNBmcan/wtD0XZHLo7ocDbywKzFd7jALUlsuYPHsrfHGFgzP/vKNucn8tthA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 24 Dec 2021 16:46:00 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 573C 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
4EB3bDg2dgFNzjumHsvfYqDj/dpJt+KHek9PRLsRYtcK48N6OtcNRP3o021P853MD8LiWx+GrhqDPddoMFZqHQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 24 Dec 2021 16:46:00 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 573C 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
S7Tz03Jgm1kpuZ2jbVjX/K2LZwNUadS0hjOuo70AMpkkPgZ6KEG5IUw6/dZu+RqWg5Kgohdxr6IOSsYd+k7U9A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 24 Dec 2021 16:46:00 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 573C 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
MS1C5YOZ3uFBlUa0XNDP/CD8SHHE9xeLFOEOKF3URmgG0kBaQayM8VOm70q6rAUokuzbosDbGScJxXL5xiPdZA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 24 Dec 2021 16:46:00 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 573C 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
LM2yyxarrDluRtCTGAaet4u5omvtWP3l5piEcsNIN5TyXXXIMPFiLam12kspNfK2HeOJ9zzSJk5/XnKpFshNGw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 24 Dec 2021 16:46:00 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 573C 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
oFOVdzmXKlzcwF/XG7br5jwtxiAcVgLz/ZJwzF7jy/aLSvZr4W507+4t/kzzWeNeCIkSAtyqb6FY9BxrV9WEsQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 24 Dec 2021 16:46:00 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 573C 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
933vw/0cKYKO3K+px8ZpT7mK0GkzN5aV2W4zutnhluek9pMZe3SfGPo80CgGXdLtXqu3aEPCNiTOfpeBE4VwyA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 24 Dec 2021 16:46:00 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 573C 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
0MAErOEP1jegOqqDHLXfxI2Be+a8PVQCt6/Cow3gIY4sgbXYjgsoEQrZL5XL/iIbBwdPMvqeUoszAPhEIAzY6Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 24 Dec 2021 16:46:00 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 573C 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
0zWAdP8C++rVFQ8HMleyU6Yn5KXfkA0ee7bMRnXoojOVcghsqh0FumJUgVs1e7DIcLjj+6CRONv1uxHYm9hdKg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 24 Dec 2021 16:46:00 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 573C 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
/F5I+wg3oZ50Rq8TLnMTF59OCSEBkDD9GdDpTOdSf2824wEUlOhgJQQRz/Kv9VNGKqOSKR9XNdrgLwaSYI53qA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 24 Dec 2021 16:46:00 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 573C 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
OoEH5FBixq3PujVnSZzbJu+yuFGlxYyyNB+I0TUfagzhgVsDqmxYomNUqyCtWf+Bm4qfRIFkqdz699sEj+w9wg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 24 Dec 2021 16:46:00 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 573C 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
8yAmiVZMxyhwnSCOaSLHkxjs+FMHURgsAvE5yKBB/Uv9asDMn3AQLENmHuQDa0s2pVRTR2ZljnHTY6dzgtIE3g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 24 Dec 2021 16:46:00 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 573C 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
2UMUGZwoTTRTYtrjk0zUTi/aSBM6fkcEQPpFf6Tse5Ek0AWqmyw6nR3Lop/MEtxFcemR1qe3P6Ta9vb/7sriaQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 24 Dec 2021 16:46:00 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 573C 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
YGKPPiBMI8jua1NyzKvU6P8Z5wja5a759I3yXdcObmtavEQzoJIdFCfdVO5Ak3lyYrMPq2lH9J8rU4upm5febg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 24 Dec 2021 16:46:00 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 573C 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
78XeYw+kS5yBF1zizN1gpv3ZB9OAgMXzFdWe6wdg7qBbsN0MXju6UzVkm5jpxwa/qvwq0MQ+J0J9pc0CqkIHdA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 24 Dec 2021 16:46:00 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 573C 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
aCR6U9IPj/jRc7WVhBolONEquqkjTseUFN0EC93mPmMPVYV+1/7ciL8WiQ/kUl2d76qQm23GPiBCa/FMLf/wGQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 24 Dec 2021 16:46:00 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 573C 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?minimize=0
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
XQeRYtYCD21pOab6VFU7nX3QfPnFXoDpKWFAmBhIZ4j/FTE9L/pTPg4kTl0Q8V5aKxhPqX6A78vQg98T9oRWIw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 24 Dec 2021 16:46:00 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
0nho7Ra7ngh.css
www.facebook.com/rsrc.php/v3/yt/l/0,cross/ Frame 573C 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yt/l/0,cross/0nho7Ra7ngh.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f7da5fcb2e9e03855194b805494707e8c895193a199e2a7509fbea65b0a81381
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FMomFactually&width=250&height=258&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false&appId=425947544113586
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 20:56:06 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
G4WnT8lLUcPnlEoxWHB8Qg==
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy
cross-origin
content-length
4673
x-fb-rlafr
0
x-fb-debug
OBPYynYQSM4KgBsnZc8H4h2nsupyptg+cOppwEHh4Y0rVft7p7rtlH/oMk8Pr8vMtWfTM5QCOv2beVvVWjsYJQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 10 Dec 2022 20:56:06 GMT
e
analytics.shareaholic.com/ 		43 B
382 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.shareaholic.com/e
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/c4fde772/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.113.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-113-242.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Content-Security-Policy referrer always

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:01 GMT
vary
Origin
p3p
CP="OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC"
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
referer-policy
unsafe-url
content-security-policy
referrer always
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
hovercard.min.css
secure.gravatar.com/dist/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://secure.gravatar.com/dist/css/hovercard.min.css?ver=2021Decaa
Requested by
Host: secure.gravatar.com
URL: https://secure.gravatar.com/js/gprofiles.js?ver=2021Decaa
Protocol
HTTP/1.1
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1a0b51af7ff79f11c0a779bf478304fa451ac5587675952b8378b47f0a97504d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Nov 2020 15:57:10 GMT
Server
nginx
ETag
W/"5fac09d6-1e86"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Fri, 31 Dec 2021 16:46:00 GMT
services.min.css
secure.gravatar.com/dist/css/ 		3 KB
847 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://secure.gravatar.com/dist/css/services.min.css?ver=2021Decaa
Requested by
Host: secure.gravatar.com
URL: https://secure.gravatar.com/js/gprofiles.js?ver=2021Decaa
Protocol
HTTP/1.1
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Mar 2018 09:46:04 GMT
Server
nginx
ETag
W/"5ab37b5c-a54"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Fri, 31 Dec 2021 16:46:00 GMT
ats.js
ats.rlcdn.com/
Redirect Chain
  • http://ats.rlcdn.com/ats.js
  • https://ats.rlcdn.com/ats.js
109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
content-encoding
gzip
etag
W/"d7dfa2940a5d5ce3beedd8774c961dd7"
age
14392
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
8c7650e47b7f894f6ae5a1fc4919cee6
last-modified
Thu, 16 Dec 2021 12:45:56 GMT
server
AmazonS3
date
Fri, 24 Dec 2021 12:46:10 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
x-amz-cf-id
XWodMKNEk9hyOM4yiaXiauaUY3rvW3nlpkVA_4vTaD83MBlVVr-Uew==

Redirect headers

Date
Fri, 24 Dec 2021 16:46:00 GMT
Via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc5.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://ats.rlcdn.com/ats.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
rpXPMQKhZOSn8L0dtHki_93z9jG9IsNS67v9tJMDvI0T9-XCPGPAWw==
config.js
confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/ 		551 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05fa8406ce3b494e305c990796980678bf57aafe72f5e785a3905bd34af1d7a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:00 GMT
Content-Encoding
gzip
Age
1802
X-Cache
HIT
Connection
keep-alive
Content-Length
87148
x-amz-id-2
7GoQ8Tc/d/t/pRIN/BuwWpFbFDpYXjfHrg8ebBRhq7deJ1p+LcXDRUbYpFM391xpbp3BflXdUFk=
X-Served-By
cache-fra19177-FRA
Last-Modified
Fri, 24 Dec 2021 14:07:29 GMT
Server
AmazonS3
X-Timer
S1640364361.964352,VS0,VE0
ETag
"ea9b0bc09cbe2c5b46c2382684add3fe"
x-amz-request-id
VX44T86YAKNRDA9V
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
30
tag.min.js
get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/
Redirect Chain
  • http://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
  • https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Server
143.204.98.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-60.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c08815f5e74c5477b25c5303f3b512b5c04ccf403e41e319c29cb5243fce5f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
HGYL.siFb.HLK8NXg9tyIeM1N2pdl_47
content-encoding
gzip
last-modified
Thu, 23 Sep 2021 19:32:23 GMT
server
AmazonS3
age
43254
etag
W/"4c3e8f251a140b2e06634712ba322640"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Fri, 24 Dec 2021 04:45:08 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Db4sQuIetAVkS4tLypINGMqS4hp0blgz3-93m06Xr-z45UbCRzLaAg==

Redirect headers

Date
Fri, 24 Dec 2021 16:46:00 GMT
Via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
3puE2XgPiEI-5CiwmSmJFM0x3UaJbVtnnEOGylcaXzQRB-_Gd8dzlQ==
geo.json
ipwatch.monu.delivery/ 		216 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ipwatch.monu.delivery/geo.json
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Server
2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:00 GMT
server
nginx
content-type
application/json, application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, public, no-transform
connection
close
content-length
216
expires
Fri, 24 Dec 2021 17:46:00 GMT
g.gif
pixel.wp.com/ 		50 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pixel.wp.com/g.gif?v=ext&j=1%3A8.3.1&blog=108582556&post=9621&tz=0&srv=betweenusparents.com&host=betweenusparents.com&ref=&fcp=3680&rand=0.12873255131454364
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 24 Dec 2021 16:46:00 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Length
50
Content-Type
image/gif
pinit_main.js
assets.pinterest.com/js/ 		66 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.42078650707458665
Requested by
Host: assets.pinterest.com
URL: http://assets.pinterest.com/js/pinit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28e::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-encoding
br
x-cdn
akamai
etag
"3725764cf05d1a0938de73d398772331"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=185
accept-ranges
bytes
content-length
18679
access-control-expose-headers
X-CDN
buttons.js
m9m6e2w5.stackpathcdn.com/v2/c4fde772/ 		178 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/c4fde772/buttons.js
Requested by
Host: cdn.shareaholic.net
URL: http://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
d2383e4d42eba639dffc88a0bbe86cf4f950ee3f9ffcb7122ce19fd46bebb988

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:00 GMT
content-encoding
gzip
last-modified
Tue, 21 Dec 2021 20:43:24 GMT
server
nginx
x-amz-request-id
ZRDV4MZTH7QFSMAM
etag
"e2019c4efda640f9b4f3f9922e4b20d4"
x-hw
1640364360.cds003.ml1.hn,1640364360.cds019.ml1.c
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
content-length
37523
x-amz-id-2
pe6GPEt9WXoFJXYJ/4lzA3QzwYBPpsof2AhtleGItkXTKtOyq4lv2ceZuO3mLXrIlXAnHnIQYo4=
recommendations.js
m9m6e2w5.stackpathcdn.com/v2/c4fde772/ 		92 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/c4fde772/recommendations.js
Requested by
Host: cdn.shareaholic.net
URL: http://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
f1209899a0cbbf58df073110347d1429e0ad4d254b584f0fff016f395a09cfff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:00 GMT
content-encoding
gzip
last-modified
Tue, 21 Dec 2021 20:43:24 GMT
server
nginx
x-amz-request-id
ZRDK7H1PS6PXZRZ8
etag
"bd2f6bef184f7e22b7efe36558d084d4"
x-hw
1640364360.cds003.ml1.hn,1640364360.cds007.ml1.c
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
content-length
12624
x-amz-id-2
npswiSmEpOq7suq9OQsmfa9FbFW0XHaoGeli25p9PRr3YC61S7+6Slk3qcUelGOuEchmNfUoA3c=
affiliatelinks.js
m9m6e2w5.stackpathcdn.com/v2/c4fde772/ 		997 B
797 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/c4fde772/affiliatelinks.js
Requested by
Host: cdn.shareaholic.net
URL: http://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
4d071d69e25eb8288369459a7fa77275fd654bc22f4965e50ca2e95fe63931c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:00 GMT
content-encoding
gzip
last-modified
Tue, 21 Dec 2021 20:43:23 GMT
server
nginx
x-amz-request-id
ZRDTNWWDSE67Z882
etag
"99e5164c1e3f1deebc20ff6fd1e5eae7"
x-hw
1640364360.cds003.ml1.hn,1640364360.cds032.ml1.c
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
content-length
591
x-amz-id-2
+YF55rrDLOa5YktTACU9d1FMNPGZZCjBjlwtx3IIFUKI7K/nkWBC3jP085e8zb1YbOSlcH0XPG8=
anchorad.js
m9m6e2w5.stackpathcdn.com/v2/c4fde772/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/c4fde772/anchorad.js
Requested by
Host: cdn.shareaholic.net
URL: http://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
1d2edfe4b9da6657460275a1e6ed9d7e114848f0b531ff229774a2dc92a60faf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:00 GMT
content-encoding
gzip
last-modified
Tue, 21 Dec 2021 20:43:23 GMT
server
nginx
x-amz-request-id
ZRDY1YD1PEGPSKD4
etag
"6b55e8bbf14ff4a3e432401e0755c778"
x-hw
1640364360.cds003.ml1.hn,1640364360.cds208.ml1.c
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
content-length
2514
x-amz-id-2
w+CVFb2EAHCaqA/GSs1c1IBXTArBJps02vS4sf84rhZJIHmkUmSuZPJ8DtZlkz8ZM7GateO1O1k=
partners.js
partner.shareaholic.com/ 		0
265 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&cl=en-US&id_sync=2cafc234-2f91-4ac7-b4c8-8aabb24671c0&minify=1&pvs=1&site=5ef587aef2adc3ffb08df8ec5e44211c
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/c4fde772/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.20.147.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-147-136.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:01 GMT
vary
Accept-Encoding, User-Agent
p3p
CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'
cache-control
no-cache, no-store, must-revalidate
content-type
application/javascript;charset=utf-8
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
xdomain_cookie.min.js
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Server
2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:01 GMT
Content-Encoding
gzip
Content-Type
application/javascript
Age
0
Transfer-Encoding
chunked
X-Cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Last-Modified
Tue, 25 Aug 2020 07:36:03 GMT
Server
nginx
Vary
Accept-Encoding
x-goog-hash
crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
x-goog-generation
1598340963244234
Via
1.1 google
Cache-Control
max-age=31104000, public
x-goog-stored-content-length
4733
X-GUploader-UploadID
ADPycdvl3OOZaB4yssdVt6w0nZXVpxEgeZSH1Sm69w341OGBNlqhthXJkOQcqB-imYPHqUX0c8noKaPERRFXA89WAVMn39IwZg
Expires
Mon, 19 Dec 2022 16:46:01 GMT
services.js
js.gumgum.com/
Redirect Chain
  • http://js.gumgum.com/services.js
  • https://js.gumgum.com/services.js
101 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gumgum.com/services.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Server
143.204.98.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-39.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5cedf99914432d9e4ee9a1a34a25e36dd15e3b631790105bd70af261c7d7126

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
tZlZ4g6wtbdwTHX30BCzt0GeK8VeZhPj
content-encoding
gzip
etag
W/"31601d466a006baa76f5f0fa9de98c6d"
age
6467
x-cache
Hit from cloudfront
x-amz-meta-timing-allow-origin
*
x-amz-meta-access-control-allow-origin
*
last-modified
Wed, 22 Dec 2021 20:35:30 GMT
server
AmazonS3
date
Fri, 24 Dec 2021 14:58:15 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
hbXpCNdR2vU4hMYXmAWdb9LRi7gl7vS3vB6ZkRVpp5J2BXG4z1YEBw==

Redirect headers

Date
Fri, 24 Dec 2021 16:46:01 GMT
Via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://js.gumgum.com/services.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
Z43-MHAb5LbIfdEA_Snill7sgUHHxlqK_nkswBZt2BFFCyk4zU5UcQ==
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
KuXuY5mbG6yln5YsEdf9JaPJtFF6aIqm
Content-Encoding
gzip
ETag
1e39d25f07f5619925357b752ab10d04
Age
629
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Server
Server
x-amz-rid
1GXGC0AGR82M9ETEV78G
Date
Fri, 24 Dec 2021 16:35:36 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
Cache-Control
public, max-age=900
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
Ubj_DAgWbEMexrns58vk-oZfUScTX1R3SGHsRLnxCMjP2tQ7Amd99g==
182762-63174106385307.js
js-sec.indexww.com/ht/p/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://js-sec.indexww.com/ht/p/182762-63174106385307.js
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Dec 2021 16:40:54 GMT
Server
Apache
ETag
"761e77-930a-5d3e704c64bf0"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3402
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12788
Expires
Fri, 24 Dec 2021 17:42:43 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
Redirect Chain
  • http://securepubads.g.doubleclick.net/tag/js/gpt.js
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
2be99b99f418219be8ca7a986038e1a94c5df5b2c91a0c0d9ee35552fbb8fde8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1080 / 267 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26915
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 24 Dec 2021 16:46:01 GMT

Redirect headers

Date
Fri, 24 Dec 2021 16:21:04 GMT
X-Content-Type-Options
nosniff
Server
sffe
Age
1497
Content-Type
text/html; charset=UTF-8
Location
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Cache-Control
public, max-age=1800
Content-Length
249
X-XSS-Protection
0
Expires
Fri, 24 Dec 2021 16:51:04 GMT
vglnk.js
cdn.viglink.com/api/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viglink.com/api/vglnk.js
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/c4fde772/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:01 GMT
content-encoding
gzip
cf-cache-status
HIT
age
55641
cf-ray
6c2b4da8a8c24e38-FRA
content-length
28567
x-amz-id-2
JRuATVnhK5aTWebrb/UxEx668VPTef9xrWWoafFq1mrvOYUxBj2865eVYh+xN7Y/BElkqf0Gcj4=
last-modified
Wed, 02 Dec 2020 18:57:12 GMT
server
cloudflare
etag
"072eaf64a771815874455704fca9301b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
T5CV2HSV57XY278Z
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 31 Dec 2021 16:46:01 GMT
/
recs.shareaholic.com/rec/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://recs.shareaholic.com/rec/?asid=784270&location=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&canonical=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&internal=8&sponsored=4&api_key=5ef587aef2adc3ffb08df8ec5e44211c&hp=betweenusparents.com&cl=en-US
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/c4fde772/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.31.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-31-218.compute-1.amazonaws.com
Software
/
Resource Hash
1f0c3506df8425231e561ea7caa9fb65452e170f397e8b6c1c255595e6df58ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:01 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
http://betweenusparents.com
access-control-expose-headers
X-Client-Auth
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1820
expires
Thu, 01 Jan 1970 00:00:00 GMT
css
fonts.googleapis.com/ 		422 B
332 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Shadows+Into%20Light&display=swap
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/c4fde772/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
75933255bb57864e50e41474bc6d67a2ea442d88c63dea7e4b50627d40cc0446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 24 Dec 2021 15:24:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 24 Dec 2021 16:46:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Dec 2021 16:46:01 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/ 		189 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80da370ad41bee2716b42d1583e139eac39f5c7c243c5fe6439b9754013116c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:01 GMT
Content-Encoding
gzip
Age
15
X-Cache
HIT
Connection
keep-alive
Content-Length
61460
x-amz-id-2
mhjLBwq4ofP4Ht18aFXJwavbMA7sAA+j53tdu5a+bQynUB9jggNi8MPZBXPh5JJbJapjzT+KHSM=
X-Served-By
cache-fra19177-FRA
Last-Modified
Thu, 02 Dec 2021 17:00:39 GMT
Server
AmazonS3
X-Timer
S1640364361.044973,VS0,VE0
ETag
"0bad6e8b774e2623401e436c2a44f48e"
x-amz-request-id
K526S02KR1DXHTEX
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
8
/
onetag-geo.s-onetag.com/ 		555 B
968 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: http://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-125.fra50.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 14:07:49 GMT
via
1.1 910a343c3141ba3fe805e18bded62491.cloudfront.net (CloudFront), 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
age
9492
x-amzn-requestid
bbe10dfe-37ca-472f-a38a-1d730ff30b00
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P3, FRA50-C1
x-amz-apigw-id
K24YYFmkCYcF7Jg=
content-length
555
x-amz-cf-id
3I-QbUk1Brf5w-BZdkeYofDCJIOCaggsMjixBBpsKe9b8EAhkG4dow==
beacon.min.js
signal-beacon.s-onetag.com/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: http://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-101.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
FFoz53cfgEbfQogHib76iTyL1K5X37BJ
content-encoding
gzip
etag
W/"ea838863b2b3bf40d1353c99808a5464"
last-modified
Tue, 09 Nov 2021 13:26:48 GMT
server
AmazonS3
age
16637
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Fri, 24 Dec 2021 12:08:45 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
EyvoMAWbgaNHKgFcaGETamakdFakPqZr8sMm6xUA_9OM9YLrQKxmWw==
identity
api.rlcdn.com/api/ 		0
0
rid
match.adsrvr.org/track/ 		0
0
config
c.amazon-adsystem.com/cdn/prod/ 		57 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fbetweenusparents.com&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 14:58:13 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server
Server
age
6467
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-length
57
x-amz-cf-id
XBIb4Uc3I9466kFm6Tpe2Z4RGp0o1grjBN69j-aWd2oK8Wjq3CdBFg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96
Content-Encoding
gzip
ETag
W/"a4d296427fc806b21335359e398c025c"
Age
33398
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Access-Control-Max-Age
3000
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Wed, 22 Dec 2021 01:41:37 GMT
Server
AmazonS3
Date
Fri, 24 Dec 2021 07:29:24 GMT
Vary
Origin
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
lFmQsBSpZXUSuzX1Ez8QGSEuYy7NrGGjS8zCGyI0RT7u0kZ9zf4lAQ==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
arrow_version_1.svg
m9m6e2w5.stackpathcdn.com/v2/images_0ecbeeff/share-buttons/share-arrows/1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/images_0ecbeeff/share-buttons/share-arrows/1/arrow_version_1.svg
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/c4fde772/buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
79749f1725bf191cef4de7f1f92caa16a676b733221a74bc78af82bbc77b3dc1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:01 GMT
content-encoding
gzip
x-amz-request-id
ZRDMZZ0EGB02NPT4
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
content-length
992
x-amz-id-2
cjofJJOgWqaFTdFAdVqSidBc80ug/e07gJumE/SqYHvpfIf395DIlxry59NwHE4NIdpXzT/OQ4M=
last-modified
Tue, 21 Dec 2021 20:22:04 GMT
server
nginx
etag
"65040d5636978b7e56e7db1e463c43f6"
access-control-max-age
2000
x-hw
1640364361.cds032.ml1.hn,1640364361.cds016.ml1.c
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
ETag, Access-Control-Allow-Origin
cache-control
max-age=31536000, public
accept-ranges
bytes
UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2
fonts.gstatic.com/s/shadowsintolight/v10/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/shadowsintolight/v10/UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Shadows+Into%20Light&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7106ac4056a90e6943627d4c041fca5fc4b60312211715a455f5dddf29bf108f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://betweenusparents.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 20:19:13 GMT
x-content-type-options
nosniff
age
505608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16288
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 03:51:13 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 18 Dec 2022 20:19:13 GMT
shareaholic-icons.woff
m9m6e2w5.stackpathcdn.com/v2/fonts_0ecbeeff/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/fonts_0ecbeeff/shareaholic-icons.woff
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
21e444926ee2b1297a9888fe081f196a640763626243aa07b80ff171049e7a8c

Request headers

Referer
http://betweenusparents.com/
Origin
http://betweenusparents.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:01 GMT
content-encoding
gzip
x-amz-request-id
05GTRKQJPSXZKMYH
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
content-length
20572
x-amz-id-2
AK36MaTXSsYwGpirA3YD/hpc9HT/l0q7xRizE5/7k9T+dSFHUiEL+1GA8S3K4K+f5ZeIr2EZFYg=
last-modified
Tue, 21 Dec 2021 20:22:04 GMT
server
nginx
etag
"0e26e8e2b7a79ff2a9e9fe9ef5382e6d"
access-control-max-age
2000
x-hw
1640364361.cds032.ml1.hn,1640364361.cds013.ml1.c
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
ETag, Access-Control-Allow-Origin
cache-control
max-age=31536000, public
accept-ranges
bytes
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 24 Dec 2021 16:46:01 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		99 B
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=betweenusparents.com
Requested by
Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
1221390ef78227431d02a340db131a202d5b699399207ddf694b36dbf8657305
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87
x-xss-protection
0
expires
Fri, 24 Dec 2021 16:46:01 GMT
headerstats
as-sec.casalemedia.com/ 		0
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=504384&u=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: http://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:01 GMT
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[91.238.82.155], XFF:[]
Server
Apache
Access-Control-Allow-Origin
http://betweenusparents.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
12
Expires
Fri, 24 Dec 2021 16:46:01 GMT
ping
api.viglink.com/api/ 		233 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/ping
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.64.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-64-153.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
319899a0d96ea568e9b56f2eb5ee65a59627a33160341ea4b720ce683546d94d

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:01 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
233
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xdomain_cookie.html
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame CB60 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by
Host: monu.delivery
URL: http://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol
HTTP/1.1
Server
2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

Server
nginx
Date
Fri, 24 Dec 2021 16:46:01 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-GUploader-UploadID
ADPycdvoqZvvxPHo_H1bWwn2sM5W9unPT-kRO1SwU5kR6DV9_UCQxuJw3I6YoDtc5LhRhIB7ssqzDasC0I6CodxkhNYZx2tTnw
Expires
Mon, 19 Dec 2022 16:46:01 GMT
Last-Modified
Tue, 25 Aug 2020 07:36:09 GMT
x-goog-generation
1598340969597109
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
3440
x-goog-hash
crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-storage-class
STANDARD
Cache-Control
max-age=31104000 public
Age
0
X-Cache
HIT
Content-Encoding
gzip
Via
1.1 google
admin-ajax.php
betweenusparents.com/wp-admin/ 		77 B
550 B 		Fetch
General
Check archive.org
Download Go to
Full URL
http://betweenusparents.com/wp-admin/admin-ajax.php?action=shareaholic_share_counts_api&url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&services%5B%5D=twitter&services%5B%5D=facebook&services%5B%5D=pinterest
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/c4fde772/main.js
Protocol
HTTP/1.1
Server
149.47.142.178 , United States, ASN62729 (ASMALLORANGE1, US),
Reverse DNS
tang.asoshared.com
Software
Apache /
Resource Hash
57ba102c1cd662cbab6659e0b3d5a75c47d9a231a77b10ae208b5db34029c7e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/christmas-scavenger-hunt-clues/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:01 GMT
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
Keep-Alive
X-Robots-Tag
noindex
Vary
Accept-Encoding
Content-Length
87
X-Content-Type-Options
nosniff
Keep-Alive
timeout=15, max=510
Expires
Fri, 24 Dec 2021 17:01:02 GMT
domains
api.viglink.com/api/ 		79 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.64.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-64-153.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
d4edf6606b3b0aa156e01b221b0849218cd4e79af76680ab86faa7ebfd0b684c

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:01 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
79
Expires
Thu, 01 Jan 1970 00:00:00 GMT
e
go.shareaholic.com/ 		43 B
381 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://go.shareaholic.com/e
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/c4fde772/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.113.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-113-242.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Content-Security-Policy referrer always

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:01 GMT
vary
Origin
p3p
CP="OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC"
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
referer-policy
unsafe-url
content-security-policy
referrer always
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
christmas-present-83119_1280.jpg
i1.wp.com/betweenusparents.com/wp-content/uploads/2019/12/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i1.wp.com/betweenusparents.com/wp-content/uploads/2019/12/christmas-present-83119_1280.jpg?fit=640%2C427
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
95635ac34d5e549cc7689659b11befd5be4c9e3063b2e4ddd8d0dcdebdd4ee71
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:01 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
27572
X-nc
HIT hhn 1
Last-Modified
Thu, 23 Sep 2021 12:54:55 GMT
Server
nginx
ETag
"56d6e224275e74ba"
Vary
Accept
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=63115200
Timing-Allow-Origin
*
Link
<http://betweenusparents.com/wp-content/uploads/2019/12/christmas-present-83119_1280.jpg>; rel="canonical"
Expires
Sun, 24 Sep 2023 00:54:55 GMT
money-2724241_1280-1024x691-3.jpg
i0.wp.com/betweenusparents.com/wp-content/uploads/2020/01/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i0.wp.com/betweenusparents.com/wp-content/uploads/2020/01/money-2724241_1280-1024x691-3.jpg?fit=640%2C432
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
152ff334768ffe76eeecf243a378805a80b1b7ac6da170c6dbe62150fa65df5a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:01 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
27104
X-nc
HIT hhn 1
Last-Modified
Tue, 12 Oct 2021 19:27:16 GMT
Server
nginx
ETag
"943c2fa484732e2c"
Vary
Accept
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=63115200
Timing-Allow-Origin
*
Link
<http://betweenusparents.com/wp-content/uploads/2020/01/money-2724241_1280-1024x691-3.jpg>; rel="canonical"
Expires
Fri, 13 Oct 2023 07:27:16 GMT
Fun-Advent-Calendars-for-Teens-and-Tweens-2.png
i1.wp.com/betweenusparents.com/wp-content/uploads/2019/10/ 		215 KB
215 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i1.wp.com/betweenusparents.com/wp-content/uploads/2019/10/Fun-Advent-Calendars-for-Teens-and-Tweens-2.png?fit=640%2C636
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
f6259c597a84c82a781ea1210852adcfdcb1b29936e175ffb85c6012f2456635
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:01 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
219910
X-nc
HIT hhn 3
Last-Modified
Tue, 10 Aug 2021 18:01:41 GMT
Server
nginx
ETag
"343703c415dbf1ba"
Vary
Accept
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=63115200
Timing-Allow-Origin
*
Link
<http://betweenusparents.com/wp-content/uploads/2019/10/Fun-Advent-Calendars-for-Teens-and-Tweens-2.png>; rel="canonical"
Expires
Fri, 11 Aug 2023 06:01:41 GMT
5e7a72377aebd.image_.png
i0.wp.com/betweenusparents.com/wp-content/uploads/2020/04/ 		223 KB
223 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i0.wp.com/betweenusparents.com/wp-content/uploads/2020/04/5e7a72377aebd.image_.png?fit=640%2C385
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
db80f07f22a004f3f6be6fe0c65a3b6c5b2aa9153845f865f81bc121ab4de669
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:01 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
227954
X-nc
HIT hhn 1
Last-Modified
Thu, 04 Nov 2021 22:35:22 GMT
Server
nginx
ETag
"b5e5dfef6d6eb3d2"
Vary
Accept
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=63115200
Timing-Allow-Origin
*
Link
<http://betweenusparents.com/wp-content/uploads/2020/04/5e7a72377aebd.image_.png>; rel="canonical"
Expires
Sun, 05 Nov 2023 10:35:22 GMT
student-849825_1280.jpg
i0.wp.com/betweenusparents.com/wp-content/uploads/2020/02/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i0.wp.com/betweenusparents.com/wp-content/uploads/2020/02/student-849825_1280.jpg?fit=640%2C427
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
1073e40c10d64d065b1ea031484d3043142b29c1c8afaaeaab3e999d49f9d4c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:01 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
30492
X-nc
HIT hhn 3
Last-Modified
Thu, 04 Nov 2021 22:35:22 GMT
Server
nginx
ETag
"83b05579166d3470"
Vary
Accept
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=63115200
Timing-Allow-Origin
*
Link
<http://betweenusparents.com/wp-content/uploads/2020/02/student-849825_1280.jpg>; rel="canonical"
Expires
Sun, 05 Nov 2023 10:35:22 GMT
Waterpark-Dos-and-Donts.jpg
i2.wp.com/betweenusparents.com/wp-content/uploads/2018/06/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i2.wp.com/betweenusparents.com/wp-content/uploads/2018/06/Waterpark-Dos-and-Donts.jpg?fit=640%2C283
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
2e6ef736b6428a85d284b42a27dd7ee1230d8ffb4623e4acb99021d361351383
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:01 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
40352
X-nc
HIT hhn 3
Last-Modified
Thu, 04 Nov 2021 22:35:22 GMT
Server
nginx
ETag
"ee9eb5281447c651"
Vary
Accept
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=63115200
Timing-Allow-Origin
*
Link
<http://betweenusparents.com/wp-content/uploads/2018/06/Waterpark-Dos-and-Donts.jpg>; rel="canonical"
Expires
Sun, 05 Nov 2023 10:35:22 GMT
eric-heininger-IaIn3ZlbXs4-unsplash.jpg
i1.wp.com/betweenusparents.com/wp-content/uploads/2020/04/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i1.wp.com/betweenusparents.com/wp-content/uploads/2020/04/eric-heininger-IaIn3ZlbXs4-unsplash.jpg?fit=640%2C427
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
8566a3a9aa4846d67464f083c5e15d802e57ae06ce2fcfb590fab9cf56626fd5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:01 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
11896
X-nc
HIT hhn 2
Last-Modified
Tue, 20 Jul 2021 13:35:57 GMT
Server
nginx
ETag
"b40b5790dfdeb31c"
Vary
Accept
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=63115200
Timing-Allow-Origin
*
Link
<http://betweenusparents.com/wp-content/uploads/2020/04/eric-heininger-IaIn3ZlbXs4-unsplash.jpg>; rel="canonical"
Expires
Fri, 21 Jul 2023 01:35:57 GMT
Penguin-Tour-2-1.jpg
i1.wp.com/betweenusparents.com/wp-content/uploads/2020/04/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i1.wp.com/betweenusparents.com/wp-content/uploads/2020/04/Penguin-Tour-2-1.jpg?fit=640%2C480
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
79bf1fade80e179aa63b535e72d96dbee0121ba6604b9821bcee90a6413f871b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:01 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
15166
X-nc
HIT hhn 2
Last-Modified
Wed, 28 Jul 2021 12:48:44 GMT
Server
nginx
ETag
"ab2715e6de2500aa"
Vary
Accept
Access-Control-Allow-Methods
GET, HEAD
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=63115200
Timing-Allow-Origin
*
Link
<http://betweenusparents.com/wp-content/uploads/2020/04/Penguin-Tour-2-1.jpg>; rel="canonical"
Expires
Sat, 29 Jul 2023 00:48:44 GMT
asid
recs.shareaholic.com/ 		100 B
312 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://recs.shareaholic.com/asid?location=http%3A%2F%2Fbetweenusparents.com&api_key=5ef587aef2adc3ffb08df8ec5e44211c
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/c4fde772/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.31.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-31-218.compute-1.amazonaws.com
Software
/
Resource Hash
bc4490edb01346a004a09322c7b1cbaf982a7744e50fc8d8c48e760104c421c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:01 GMT
access-control-allow-credentials
true
content-type
application/json
content-length
100
vary
Origin, Accept-Encoding, User-Agent
access-control-expose-headers
X-Client-Auth
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/gif
/
geo.privacymanager.io/ 		30 B
592 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: http://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-116.fra50.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 14:33:01 GMT
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront), 1.1 fa5a3d5abd34c6fac657b045a4dcbdc5.cloudfront.net (CloudFront)
age
7980
x-amzn-requestid
9fd0f0e5-0174-41b0-9300-c89e060d65a6
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61c5da1d-3a26aea278cb742c21cbb597;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1, FRA50-C1
x-amz-apigw-id
K28EsGfNDoEF-tw=
content-length
30
x-amz-cf-id
o_64szVytdq4MBZA6ByeQobQqT8RoTP9qFciWcIO_gb89K7BOwbPTw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
mmt.gif
imps.monu.delivery/ 		37 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=p.l&u=ace2d8fa-93df-4fb2-9393-0dd03589a1f7
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:04:10 GMT
Age
2511
X-GUploader-UploadID
ADPycduOR2ZW9_9yFyOBWUdbF3KE6U3c1JDwAZPfREY-v1HBle8z6dWx1kcCtM7QNQG9PFWR-znEt9AChsCVi4mxZt4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:04:10 GMT
domains
api.viglink.com/api/ 		42 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.64.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-64-153.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
796ea44623ba45419b7d1a78b68b94744769879fb9bf37ce2d5bc7aa33b3505d

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:01 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
log.pinterest.com/ 		0
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.pinterest.com/?type=pidget&guid=u_2apyD0riFo&tv=2021110201&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&viaSrc=canonical
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:02 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
1
x-cache-hits
0
content-length
0
x-served-by
cache-fra19171-FRA
pragma
no-cache
server
envoy
x-timer
S1640364362.053695,VS0,VE93
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-pinterest-rid
1533605030767001
accept-ranges
bytes
expires
Sat, 01 Jan 2000 00:00:00 GMT
auction
prebid.adnxs.com/pbs/v1/ 		19 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://prebid.adnxs.com/pbs/v1/auction
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Server
37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:03 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.19.0
Vary
Origin
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
19
Expires
0
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 24 Dec 2021 16:46:02 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://betweenusparents.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
avjp
bloggernetwork-d.openx.net/v/1.0/ 		106 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/v/1.0/avjp?ju=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=261cfbd2-7dc3-4372-92e1-21c62a01d1c0&nocache=1640364363021&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A640%2C%22h%22%3A480%7D%7D%5D%7D&auid=539935965&vwd=640&vht=480
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
via
1.1 google
server
OXGW/17.0.0
timing-allow-origin
*
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
2fd9efa6cbfbeed71527913f0c302c43a78c707a98654e944804124253991ed9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:03 GMT
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ea888467-de05-4ee5-8850-613c72e0d00c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid.json
reachms.bfmio.com/ 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reachms.bfmio.com/bid.json?exchange_id=cf3ac311-d56f-46f5-ee50-ce185f3f48ec
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.58.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-58-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Expose-Headers
location
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=ISO-8859-1
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
dmx.districtm.io/b/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
cf-ray
6c2b4db51f6c694f-FRA
access-control-allow-headers
Content-Type, Origin
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
prebid
prebid.media.net/rtb/ 		1 KB
678 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3164f7d13892b0728459e8f03e07e8a57eac10ae664851b94e6fb4ae12264330

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
trinity.json
apex.go.sonobi.com/ 		95 B
738 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2221c0f45998eb426%22%3A%22dcc4cd9596e80d497120%7C300x250%2C320x50%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.A%22%7D&ref=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&s=fcd6f8b0-6ae7-4d59-bbc7-6c773bf5903f&pv=5e6775f4-d417-4aba-9700-5e2bb8c85b78&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
4c4f4a5948308b4470ec82aa3a32fe663e61ad21f6b630e29e4da7d1d2a7bd9c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid_display
display.bfmio.com/ 		138 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.34.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-34-198.compute-1.amazonaws.com
Software
/
Resource Hash
8fdce66b70f54f2f77fcbeac7fad0aa6c9d2e0e578aabb164eb8a630ec6e260b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
cygnus
htlb.casalemedia.com/ 		37 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2224e1b99c160ed0d%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222531e8c32306cad%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2226d66d660c78a23%22%2C%22ext%22%3A%7B%22siteID%22%3A%22209362%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fb8cd1d64d5ce6466b73119f01589b5a7bb7609283e6f8cc40d4bbae84d9244b

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.238.82.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
http://betweenusparents.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Fri, 24 Dec 2021 16:46:03 GMT
translator
hbopenbid.pubmatic.com/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc%22%2C%22callback_id%22%3A%2231db72ff64e9d2b%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%222656731526720332007%22%7D%5D&page_url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&bust=1640364363037&pr=&scrd=1&dnt=false&description=Finding%20presents%20can%20be%20a%20ton%20of%20fun%20with%20a%20festive%20scavenger%20hunt%20around%20the%20house.%20To%20make%20it%20easy%2C%20here%20are%2046%20printable%20Christmas%20scavenger%20hunt%20clues.&title=70%20Printable%20Christmas%20scavenger%20hunt%20clues%20-%20Between%20Us%20Parents&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.120.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-120-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
bb716a2064d821694e431a47f1538c0abf1dc85e0aa9736c3c2eed7fe43ae359
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:03 GMT
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8a9ee036-a7a5-4c0e-9cca-db85a060f64b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
dmx.districtm.io/b/ 		0
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
cf-ray
6c2b4db51f6f694f-FRA
access-control-allow-headers
Content-Type, Origin
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aLqHwesbSr6PvgaKlId8sQ
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
13325969b4748b2ffc0dd81a00dd32eda9bb54a9f9edc0d5309f7bc1ebf7578c

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_300x250&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
a09cf3b06f22871101d2517ff8854a6cefe273fa639604986bc8e31ff5c9fc29

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691490175757565688f4daa720af8&pos=betweenusparents.com_mobile_atf_320x50&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
25b6a2563949e830adfabf1deea1d04761bbe569fcfd9d485cb18a44dd5050b9

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 24 Dec 2021 16:46:02 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://betweenusparents.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
arj
bloggernetwork-d.openx.net/w/1.0/ 		73 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a5a7fcd5-cbb8-4f20-913a-21135ce0f248&nocache=1640364363041&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&aus=300x250%2C320x50&divids=mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc&aucs=&auid=539935965
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
15af68248463993d7469dd7c5ab921b77acb43b1dedd26ca7bf9884586ba9370

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		94 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
2057502b583ab161950057af53de93840108a1ec56b0f44f4e4dbba8d885cb61

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
vary
Origin
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&pid=Vy9QMNE2xpbXk&cb=0&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
FSFX159AAN97ZW68TTGX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
I3ftiWQ78NTgTBhsIkUaVgBrOLzzd7YodROovX6EKl5Q0b1fArDfEQ==
prebid_display
display.bfmio.com/ 		138 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.34.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-34-198.compute-1.amazonaws.com
Software
/
Resource Hash
26c53ad70011c906c3b259f9363cfe8a9c591610a83f8355ca40f14aeb669e30
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
prebid
ib.adnxs.com/ut/v3/ 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
2adcd871bf4a8ecfdcc6e09b2f313191e27da13bc947fb1723ac40f51539247b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5b8a2b16-5590-4a2d-8925-8bc553fcadfa
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.2%22%2C%22callback_id%22%3A%2257c395b6e460f8%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%222656731526720332007%22%7D%5D&page_url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&bust=1640364363049&pr=&scrd=1&dnt=false&description=Finding%20presents%20can%20be%20a%20ton%20of%20fun%20with%20a%20festive%20scavenger%20hunt%20around%20the%20house.%20To%20make%20it%20easy%2C%20here%20are%2046%20printable%20Christmas%20scavenger%20hunt%20clues.&title=70%20Printable%20Christmas%20scavenger%20hunt%20clues%20-%20Between%20Us%20Parents&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.120.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-120-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_300x250&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
58ab11705b55ff724937dec9a2460d6b4abbea21f5ea3596bc52a7c5314b46af

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691490175757565688f4daa720af8&pos=betweenusparents.com_mobile_atf_320x50&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7f0c830339c4fa576c9d8c255b786655dcbf0c27937ba503b411266c60e9052a

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
prebid
prebid.media.net/rtb/ 		1 KB
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b43a6c25f04d280651504500fc56d64e4c67a42e65d5727b460a297638a02bae

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
trinity.json
apex.go.sonobi.com/ 		95 B
736 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%226879e1de0b237a5%22%3A%22dcc4cd9596e80d497120%7C300x250%2C320x50%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.B%22%7D&ref=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&s=0cfb9922-c5f0-4c32-9c87-9aca7764de6e&pv=5e6775f4-d417-4aba-9700-5e2bb8c85b78&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
320afcd846fd83c4d68bb14ef313b1ccec7b8057fd6cf0f2cbff737b3e410ff1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
cf-ray
6c2b4db51f7b694f-FRA
access-control-allow-headers
Content-Type, Origin
cygnus
htlb.casalemedia.com/ 		37 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227118d3982ef7baa%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22729e0c851b6e14%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2273f66d86e165b13%22%2C%22ext%22%3A%7B%22siteID%22%3A%22209362%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5db666a756bd79cf64d14ee3eb8e45551b62246932593fddc517fb86b40bdf7c

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.238.82.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
http://betweenusparents.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Fri, 24 Dec 2021 16:46:03 GMT
hb
ssc.33across.com/api/v1/ 		65 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aLqHwesbSr6PvgaKlId8sQ
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
abf7b6220017b2b8b173d44786853bbae9b6fb6df261708ffff41bd63099a90a

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
vary
Origin
c
prebid.a-mo.net/a/ 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
x-nbr
1
date
Fri, 24 Dec 2021 16:46:03 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
vary
origin, Accept-Encoding
bid
ap.lijit.com/rtb/ 		94 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b6eb465f0a27e3867eb23b5f8849bb136baf5d0ee9436ed42f87ea252476ed99

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
arj
bloggernetwork-d.openx.net/w/1.0/ 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ada75f34-c309-470e-8df6-9fc7e8186dd6&nocache=1640364363057&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&aus=300x250%2C320x50&divids=mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.2&aucs=&auid=539935965
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
6354d55b7d57846969a1e605af74e737f4b80a16c6e1fbfff39e01024b44882e

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&pid=Vy9QMNE2xpbXk&cb=1&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.2%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.B%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
TS8BN00W3AEJVZZZB001
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
H8cMApa7pYjOkv61Y50QBUUlD4mtb3lOBsqMtHLL344iuNHweFR6WA==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&pid=Vy9QMNE2xpbXk&cb=2&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.3%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.C%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
S8R40NYYS4GGCA5CGBCB
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
RmCwM8SX_GCEHLME_ijjKFkObdyG9ef5BiAGmJ6SOa9arxpxa_btuQ==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&pid=Vy9QMNE2xpbXk&cb=3&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.4%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.D%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
PAK2ZAT3MCQ4JBF6DGBP
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
vVInzt5dWuFM8-HRE86u4HclIxADaHkHKuTWf3NhURsnXm9J6bebtw==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&pid=Vy9QMNE2xpbXk&cb=4&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.5%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.E%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
5RYVX9XQ04HS2ZA24E8C
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
2hsgmWhRvX1xjTkcKGLJelPJjnFmhlNi2iILzkkeqKLFhRkW7C-asw==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&pid=Vy9QMNE2xpbXk&cb=5&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.6%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.F%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
PV999C0MNW3WJSFNB5KM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
dno7oIChUns34tG8Wn-kVkka73QKEi9wIYgjQozzvRsiakjddnANOg==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&pid=Vy9QMNE2xpbXk&cb=6&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.7%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.G%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
1JCH7CRWYGSK8YR8WWXW
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
gbRoVPezic_LPT2B_Aax7nIeXeOXnKOKNO99TKywj4jFC55LBrKoFQ==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&pid=Vy9QMNE2xpbXk&cb=7&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.8%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.H%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
VVV43G76443NEK5TCCZV
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
3BMCd-wWfwp0S3lFXTL1zkM86jpzrHO9LMIqu_FNkVmDWxdGFo8v7Q==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&pid=Vy9QMNE2xpbXk&cb=8&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.9%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.I%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
c905a799c91593b68a840f7aae0bd411b7f0d2d475c8f5f5a780d54018fb61b8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
BZDJ6YGC9JBT3S5D62JP
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
zJqjackpZiQxRwiZgh9tKMRT_LSwmyHwTn0DIp6RaYKgU45usb_L6g==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&pid=Vy9QMNE2xpbXk&cb=9&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.10%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.J%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
4b8f230af668f20a7b50021f1edb1fac1c96cab1aa576933a2064e5d7807179b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
97B8AJ5VSKFC8438TB9K
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
Yz4ASKWQew9N0fhTyh3-4rtIphbQXapYmBRYRWNhf6Gc2jboQl7NwQ==
bid
c.amazon-adsystem.com/e/dtb/ 		24 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&pid=Vy9QMNE2xpbXk&cb=10&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.11%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.K%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
b84677c9d507861ede2db86349957b3fff926d3857fb11595ab96d8866314798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
05CJCV1NRMYW37Y5Z2N8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
24
x-amz-cf-id
ExfJxEsZkYQsyQLllmTywSn9ytbgDFqrf_cjiNUEC1X2oKyJxshO_Q==
bid
c.amazon-adsystem.com/e/dtb/ 		24 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&pid=Vy9QMNE2xpbXk&cb=11&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.12%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.L%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
843ca27aa5a55f23f36493f7a6c93bd16bae165e07e4be441ea45723b586eae2
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
KRVMFAE1K1TFQYS903PY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
24
x-amz-cf-id
bCn6klVzjo_ntIzL0zraphWNeLJJrEwsjLcFTiQ5PhTqknyt_F1Lcg==
bid
c.amazon-adsystem.com/e/dtb/ 		24 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&pid=Vy9QMNE2xpbXk&cb=12&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.13%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.M%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
63c3f35eed8f9fae951373f4f0642d09521b1b86c8d3a6d679047bc5440790fb
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
8RXRWZE8PEN6PA4SVAWX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
24
x-amz-cf-id
jf9FN6_u8NaR8VzBnApxCDdifqFgQVRUpr-OgGa2sUiyhCZZuN5dhg==
bid
c.amazon-adsystem.com/e/dtb/ 		24 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&pid=Vy9QMNE2xpbXk&cb=13&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-89ba1aaa-6234-4046-a524-d4fc9eb26308%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDP.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
af058bc0a949d80a2234f297e983e6fb3438a7f360daf4cdecd3d717ce047ea7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
KT3PDD98201B8KW8BAF5
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
24
x-amz-cf-id
YTzl-rwkekMt6z-5QVbJYTIfZlck0ycUrCz4JgnR3yoaJmDcGBzJsQ==
bid
c.amazon-adsystem.com/e/dtb/ 		24 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&pid=Vy9QMNE2xpbXk&cb=14&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-32a5fa29-1a57-4acf-a34b-30a7c00a16fe%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDS.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
36a74661dfb652c289dd3bdccf3c31dc9ba453a328a4318aa72a34f1454f0842
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
7VYT2XK10EEA873CK5NY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
24
x-amz-cf-id
l-PgNxkzkfXKOKQ2QWS4f3SNv0ajATC13bhWyTcvY_I2XODnWyZBfA==
bid
c.amazon-adsystem.com/e/dtb/ 		24 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&pid=Vy9QMNE2xpbXk&cb=15&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-915ba5c6-fd09-40f8-962a-3672add0e2d4%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDS.B%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
08ec332c446e727696ff53c4c9ee2f3f5f605ce5672021e9691f89bd12c02f43
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
EN9BGJGF46BAMP37RZXX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
24
x-amz-cf-id
7SDgN9ugazUQfRxZIczCpbExI18eWbjOJ31POKCmWGzg8zb8cLxD0w==
bid
c.amazon-adsystem.com/e/dtb/ 		24 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&pid=Vy9QMNE2xpbXk&cb=16&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-8509026b-3ca1-470f-9472-1ce3ec32f668%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDT.C%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
134f4a39b11972e436ad81464caa48cf07310f1d14e4397a763c4b30782ea3bf
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
0VRKZQE9JXX9T0PJM1QY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
24
x-amz-cf-id
YLFfTO38q65gltOzR96FPhkK8fxKZCzrx8EWF8PI0LMsS8HmPpoVIw==
bid
c.amazon-adsystem.com/e/dtb/ 		24 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&pid=Vy9QMNE2xpbXk&cb=17&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-b32dabe8-4103-456f-b88e-67c123cd18ca%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDA.B%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
c1059d522f4c639f77427fa309b77d7c5f02e42a44d45e2edc5113394cb51822
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
1SWE1NXQ0G1D6ZD8MZ3V
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
24
x-amz-cf-id
w2xwMkJdNkzdH5nmLCoPfdAnj8DgptiDZIZekY0Zr1Q3Nt6Lu2Us2w==
bid
c.amazon-adsystem.com/e/dtb/ 		24 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&pid=Vy9QMNE2xpbXk&cb=18&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-813357c3-33b0-40df-9dac-e49181d13297%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDR.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
ffc733276efc796c146eccf6bc3b111f917b8e2203d25df67884786903b64c05
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
KQZE27HZ608T3FFQJEM1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
24
x-amz-cf-id
Rf3xwBYE4YuJ5Dlm4h1x8TJwOxfG0LykeLMDwJml6uD74eGeiQ7mGw==
mmt.gif
imps.monu.delivery/ 		37 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=s.d&u=ffd1c827-306c-4903-b143-bd88d74f0212
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:04:10 GMT
Age
2513
X-GUploader-UploadID
ADPycduOR2ZW9_9yFyOBWUdbF3KE6U3c1JDwAZPfREY-v1HBle8z6dWx1kcCtM7QNQG9PFWR-znEt9AChsCVi4mxZt4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:04:10 GMT
mmt.gif
imps.monu.delivery/ 		37 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=s.d&u=ace2d8fa-93df-4fb2-9393-0dd03589a1f7
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:04:10 GMT
Age
2513
X-GUploader-UploadID
ADPycduOR2ZW9_9yFyOBWUdbF3KE6U3c1JDwAZPfREY-v1HBle8z6dWx1kcCtM7QNQG9PFWR-znEt9AChsCVi4mxZt4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:04:10 GMT
mmt.gif
imps.monu.delivery/ 		37 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=s.d&u=89ba1aaa-6234-4046-a524-d4fc9eb26308
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:04:10 GMT
Age
2513
X-GUploader-UploadID
ADPycduOR2ZW9_9yFyOBWUdbF3KE6U3c1JDwAZPfREY-v1HBle8z6dWx1kcCtM7QNQG9PFWR-znEt9AChsCVi4mxZt4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:04:10 GMT
mmt.gif
imps.monu.delivery/ 		37 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=s.d&u=32a5fa29-1a57-4acf-a34b-30a7c00a16fe
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:36:06 GMT
Age
597
X-GUploader-UploadID
ADPycdt5yAZN4dutoHCkuQg2iln4jY84jM4CFzLcDC8vaor5PD30ObSEC6OxcOxbx-HnJoWqBK9cguxoolOwkQzCxbX_Xya9Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:36:06 GMT
mmt.gif
imps.monu.delivery/ 		37 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=s.d&u=915ba5c6-fd09-40f8-962a-3672add0e2d4
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:04:10 GMT
Age
2513
X-GUploader-UploadID
ADPycduOR2ZW9_9yFyOBWUdbF3KE6U3c1JDwAZPfREY-v1HBle8z6dWx1kcCtM7QNQG9PFWR-znEt9AChsCVi4mxZt4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:04:10 GMT
mmt.gif
imps.monu.delivery/ 		37 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=s.d&u=8509026b-3ca1-470f-9472-1ce3ec32f668
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:36:06 GMT
Age
597
X-GUploader-UploadID
ADPycdt5yAZN4dutoHCkuQg2iln4jY84jM4CFzLcDC8vaor5PD30ObSEC6OxcOxbx-HnJoWqBK9cguxoolOwkQzCxbX_Xya9Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:36:06 GMT
mmt.gif
imps.monu.delivery/ 		37 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=s.d&u=b32dabe8-4103-456f-b88e-67c123cd18ca
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:36:06 GMT
Age
597
X-GUploader-UploadID
ADPycdt5yAZN4dutoHCkuQg2iln4jY84jM4CFzLcDC8vaor5PD30ObSEC6OxcOxbx-HnJoWqBK9cguxoolOwkQzCxbX_Xya9Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:36:06 GMT
mmt.gif
imps.monu.delivery/ 		37 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=s.d&u=813357c3-33b0-40df-9dac-e49181d13297
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:04:10 GMT
Age
2513
X-GUploader-UploadID
ADPycduOR2ZW9_9yFyOBWUdbF3KE6U3c1JDwAZPfREY-v1HBle8z6dWx1kcCtM7QNQG9PFWR-znEt9AChsCVi4mxZt4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:04:10 GMT
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		515 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
bid
ap.lijit.com/rtb/ 		95 B
752 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
54a4d492b4874e54c04c38a5ce4427d467c745a7df233cf9706969cd31e7972d

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
prebid_display
display.bfmio.com/ 		138 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.34.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-34-198.compute-1.amazonaws.com
Software
/
Resource Hash
6170560407b6a6f9dfc6e2aed16bf9e4a4b94555a477c8db47581570f366d1f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aLqHwesbSr6PvgaKlId8sQ
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
85f5f9df678a27769d244db0351c902dd7f6e4261b627d6fc394c6d1fd1843fa

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
cf-ray
6c2b4db5c92a694f-FRA
access-control-allow-headers
Content-Type, Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
vary
Origin
arj
bloggernetwork-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=37233793-b0c8-4849-9f44-27195dee715d&nocache=1640364363160&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&aus=300x250%2C320x50&divids=mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.3&aucs=&auid=539935965
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
02b7edf18c0754e14712a4ea00963c5e23fcfb0314afc36bd39914ba666b3953

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
af045ddad6d6746a971b0908fa6d5383579b5f4e7ae15b2c88325b9dd18352d6

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_300x250&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
433c31b614d13a4271cb35fb7258f2d94a63368adcbc517ba04bc80081f88dfe

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691490175757565688f4daa720af8&pos=betweenusparents.com_mobile_atf_320x50&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
29133ee25af49e630ac7ef6ba2d114adeac2392a1cbcc8e15189baf3c792a6ae

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 24 Dec 2021 16:46:02 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://betweenusparents.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
cygnus
htlb.casalemedia.com/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22111201c87149b55c%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22112620680c75c598%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22113f72a416a60cf5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22209362%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
055150560f7bef9d38fac4b5e9773663e1877186eb90fb7ced1c73b286b50497

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.238.82.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
http://betweenusparents.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1062
x-ak-client-geo
12
expires
Fri, 24 Dec 2021 16:46:03 GMT
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.3%22%2C%22callback_id%22%3A%22115edab42f1ec018%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%222656731526720332007%22%7D%5D&page_url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&bust=1640364363164&pr=&scrd=1&dnt=false&description=Finding%20presents%20can%20be%20a%20ton%20of%20fun%20with%20a%20festive%20scavenger%20hunt%20around%20the%20house.%20To%20make%20it%20easy%2C%20here%20are%2046%20printable%20Christmas%20scavenger%20hunt%20clues.&title=70%20Printable%20Christmas%20scavenger%20hunt%20clues%20-%20Between%20Us%20Parents&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.120.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-120-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
bad1465fcd0be46ca6505e3ff6d0ec3d4cbc616a560b1f79565e139e79caf5d2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:03 GMT
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
bd10f2a6-48a7-4c73-9b8a-5a3388a7958b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		96 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22119f7a03e92cde21%22%3A%22dcc4cd9596e80d497120%7C300x250%2C320x50%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.C%22%7D&ref=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&s=c779d686-42a4-466b-b7a4-e270d2f89ad6&pv=5e6775f4-d417-4aba-9700-5e2bb8c85b78&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
15c5d10595df7298592fc4f50f5f4d5b642ed64078e0ff879ab47b26217868de
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
121
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
mmt.gif
imps.monu.delivery/ 		37 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=b.r&u=ace2d8fa-93df-4fb2-9393-0dd03589a1f7&d=%7B%22utm%22%3Anull%7D
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:36:06 GMT
Age
597
X-GUploader-UploadID
ADPycdt5yAZN4dutoHCkuQg2iln4jY84jM4CFzLcDC8vaor5PD30ObSEC6OxcOxbx-HnJoWqBK9cguxoolOwkQzCxbX_Xya9Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:36:06 GMT
mmt.gif
imps.monu.delivery/ 		37 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=b.r&u=ace2d8fa-93df-4fb2-9393-0dd03589a1f7&d=%7B%22utm%22%3Anull%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:36:06 GMT
Age
597
X-GUploader-UploadID
ADPycdt5yAZN4dutoHCkuQg2iln4jY84jM4CFzLcDC8vaor5PD30ObSEC6OxcOxbx-HnJoWqBK9cguxoolOwkQzCxbX_Xya9Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:36:06 GMT
trinity.json
apex.go.sonobi.com/ 		96 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221223d6f97578b0a2%22%3A%22dcc4cd9596e80d497120%7C300x250%2C320x50%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.D%22%7D&ref=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&s=2bc983c7-e1a7-4a19-b876-09ea3e6f5909&pv=5e6775f4-d417-4aba-9700-5e2bb8c85b78&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
5df8ae955ff626c43b9f12bf6d5d7749347352e0f526122bbbaafb813c1b2907
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
121
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		95 B
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
9804b9cd45ae9b855d303fd63da5adef449d5e3c2e1b9d8fb353f9bf671153e5

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
cygnus
htlb.casalemedia.com/ 		38 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2212630c0a5c0f9f65%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22127599d4603be94a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2212872e810376b8e9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22209362%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2411f7a1ebce2ff323482c4ebfa07f0efa67319658db9b60398047b5cb2b49fb

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.238.82.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
http://betweenusparents.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
38
x-ak-client-geo
12
expires
Fri, 24 Dec 2021 16:46:03 GMT
prebid
prebid.media.net/rtb/ 		1 KB
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b6e3b75adecdf92df127c079a7ea334ac6cfee55cadf923a7a76f722f5027582

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid_display
display.bfmio.com/ 		138 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.34.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-34-198.compute-1.amazonaws.com
Software
/
Resource Hash
fa2cb772c383b1cbc315bcadd52fc3c2e49ce9a97ce6d1d83706be732994a6fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
146
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
cf-ray
6c2b4db6cad6694f-FRA
access-control-allow-headers
Content-Type, Origin
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_300x250&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
49bea52a84ecd36a5ccf8c00af4c2cb8320561914f7e67aa03cfd5cefe00e2d1

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691490175757565688f4daa720af8&pos=betweenusparents.com_mobile_atf_320x50&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
2bef99721b2f9c5862129466fc4d9dc52a57df852f65c24ce33a04b6a2f02cf1

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
hb
ssc.33across.com/api/v1/ 		67 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aLqHwesbSr6PvgaKlId8sQ
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
a29a79b90753a2605bd446ada085ff9f8f79bfd68a2ec03525e3422f6e36f4bb

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
9fd0576ad63d5642f5f52adf03b5069bba3bd76fdc3159f16897a2914dada91a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0049fd77-db4c-4624-a17b-7d20fad15af3
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 24 Dec 2021 16:46:02 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://betweenusparents.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.4%22%2C%22callback_id%22%3A%221496bee0048a025f%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%222656731526720332007%22%7D%5D&page_url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&bust=1640364363328&pr=&scrd=1&dnt=false&description=Finding%20presents%20can%20be%20a%20ton%20of%20fun%20with%20a%20festive%20scavenger%20hunt%20around%20the%20house.%20To%20make%20it%20easy%2C%20here%20are%2046%20printable%20Christmas%20scavenger%20hunt%20clues.&title=70%20Printable%20Christmas%20scavenger%20hunt%20clues%20-%20Between%20Us%20Parents&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.120.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-120-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
arj
bloggernetwork-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a11250c8-0568-43d1-8860-3034ea4c9dee&nocache=1640364363328&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&aus=300x250%2C320x50&divids=mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.4&aucs=&auid=539935965
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
85c5a8e25c75d3975061bdaca77e6470ff89888c35eabd8e42b699dc9d106a92

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
vary
Origin
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
cf-ray
6c2b4db6daea694f-FRA
access-control-allow-headers
Content-Type, Origin
arj
bloggernetwork-d.openx.net/w/1.0/ 		74 B
102 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=beda839c-582c-4ab4-b5fa-c392cb98f3ec&nocache=1640364363331&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&aus=300x250%2C320x50&divids=mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.5&aucs=&auid=539935965
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
a40b8f6c536a8e0e9a1af16b2d12fec58dae900c1771bc2e818d453684691df3

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
5689caaabf5a7821a72c38327365d0904e43772ce268aeaaa62469ba60462e33
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:03 GMT
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e5a57b5a-88d6-4e3a-b74b-6b2526206bb1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		38 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221618bcae874c1dc6%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221620baef70d0637e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221639446e6284572c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22209362%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5d90775e7cabebc222459a96c3e28a341027639ccba9bc87be3a8e8989178d58

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.238.82.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
http://betweenusparents.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
38
x-ak-client-geo
12
expires
Fri, 24 Dec 2021 16:46:03 GMT
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.5%22%2C%22callback_id%22%3A%22165da7fce1d033fc%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%222656731526720332007%22%7D%5D&page_url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&bust=1640364363335&pr=&scrd=1&dnt=false&description=Finding%20presents%20can%20be%20a%20ton%20of%20fun%20with%20a%20festive%20scavenger%20hunt%20around%20the%20house.%20To%20make%20it%20easy%2C%20here%20are%2046%20printable%20Christmas%20scavenger%20hunt%20clues.&title=70%20Printable%20Christmas%20scavenger%20hunt%20clues%20-%20Between%20Us%20Parents&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.120.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-120-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
prebid.media.net/rtb/ 		1 KB
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
387ff87f971f0f10bd049eb926686db432ccf9f91bf2e776308f841c3f3b2f24

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 24 Dec 2021 16:46:02 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://betweenusparents.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		95 B
752 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
6064a2d6827b6c3cbd2f6487a2ccde4d2cdf64fda3d99226ed9fa4e370ed76a0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_300x250&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
434cf1b7f4e034cfcfea65613f95faeb294adcafab29da312ff4e1a684a232c3

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691490175757565688f4daa720af8&pos=betweenusparents.com_mobile_atf_320x50&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
cac4eb1d4f558cd015e102fcefdec3d7172b36972894001eeec882fa8e1f9c3b

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
vary
Origin
trinity.json
apex.go.sonobi.com/ 		96 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22183c6ab43106497b%22%3A%22dcc4cd9596e80d497120%7C300x250%2C320x50%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.E%22%7D&ref=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&s=77535cfa-5c9e-4412-96ca-7444048f35e2&pv=5e6775f4-d417-4aba-9700-5e2bb8c85b78&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
71855e26196c178330b2cfe2e5992b6c12e23293ccc83bfa4d23646e4d49da7e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
121
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid_display
display.bfmio.com/ 		138 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.34.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-34-198.compute-1.amazonaws.com
Software
/
Resource Hash
d25675047cd3ad16cdedc3bd89438bc65df07e108d9fa48f43294d8e3b756126
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
hb
ssc.33across.com/api/v1/ 		67 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aLqHwesbSr6PvgaKlId8sQ
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
c52a2bdb9275f3936640bb91e5708c5c57d71af482499e1285ae1178c1a918fd

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid_display
display.bfmio.com/ 		138 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.34.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-34-198.compute-1.amazonaws.com
Software
/
Resource Hash
0f4ca0e8e23c46d1e74cec2d65bfc99f0dab8a0db5a95ef8fea414b0bbc12667
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
146
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_300x250&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7592cf123f5e180b1748949867ef1015b791e8a0cc8e16f2af82f17e73c28f03

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691490175757565688f4daa720af8&pos=betweenusparents.com_mobile_atf_320x50&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
0fb97e0017348346196e720448bf05215465a6e8ab745614d953bbbcf1714e0c

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
cf-ray
6c2b4db75bae694f-FRA
access-control-allow-headers
Content-Type, Origin
prebid
prebid.media.net/rtb/ 		1 KB
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0239265830fa66f740aba2cefea1776aee9be19c115af74bf4de949dee022982

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bid
ap.lijit.com/rtb/ 		95 B
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
4a3ea4c45299c510e486c2169068fcb2eb0ab1d0f44a87f1a06ba77cfeaca261

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
trinity.json
apex.go.sonobi.com/ 		96 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22203a762cfa302467%22%3A%22dcc4cd9596e80d497120%7C300x250%2C320x50%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.F%22%7D&ref=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&s=290a4685-ab4b-4b9f-8500-c7804831adb5&pv=5e6775f4-d417-4aba-9700-5e2bb8c85b78&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
f955c961f6a18abc329b4770519e3832400382b881aff5a1322eb32f7702a62a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
121
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22204d91cd12a59d1a%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2220559de904f41639%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22206ceb4ce9ced9f1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22209362%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6cc221951254fce68e4f9b5858ced6be721c2d3b599dffb69b80ff80d7988df7

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.238.82.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
http://betweenusparents.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1062
x-ak-client-geo
12
expires
Fri, 24 Dec 2021 16:46:03 GMT
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.6%22%2C%22callback_id%22%3A%22208634cb5f0a4a2e%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%222656731526720332007%22%7D%5D&page_url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&bust=1640364363414&pr=&scrd=1&dnt=false&description=Finding%20presents%20can%20be%20a%20ton%20of%20fun%20with%20a%20festive%20scavenger%20hunt%20around%20the%20house.%20To%20make%20it%20easy%2C%20here%20are%2046%20printable%20Christmas%20scavenger%20hunt%20clues.&title=70%20Printable%20Christmas%20scavenger%20hunt%20clues%20-%20Between%20Us%20Parents&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.120.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-120-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
c
prebid.a-mo.net/a/ 		0
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 24 Dec 2021 16:46:02 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://betweenusparents.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
5be3c4ef034b36088bb735684d2cee502c5a14aaf8de05d0d9232a92bf583dd4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c9b09bb1-5eb1-48c7-b303-c5f0c7ab3248
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ 		67 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aLqHwesbSr6PvgaKlId8sQ
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
3c6a3720062b32bac08397d7dc97a27484f987ff7812ecd3520beaa917b1e430

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
arj
bloggernetwork-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=40e2b785-d257-4c89-834a-746c6c4e39f6&nocache=1640364363418&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&aus=300x250%2C320x50&divids=mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.6&aucs=&auid=539935965
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
a6166b43f3116efe4dac4d58b45e93c3309c61b74117711ccb228cc5b5ab1d0a

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
7b744aa69ff9e7baef528785345e85e1e616fe873ec6b335398a46bb3075f412
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1c9688de-c2fd-4caf-af7d-42f87adf162b
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aLqHwesbSr6PvgaKlId8sQ
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
f61118112b14dab29b663878e2567e6fac6e03a23e551f365ddebad819214647

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
cf-ray
6c2b4db76bd7694f-FRA
access-control-allow-headers
Content-Type, Origin
arj
bloggernetwork-d.openx.net/w/1.0/ 		75 B
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=03b33d0d-20a1-4d04-8171-2677187d3dcd&nocache=1640364363424&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&aus=300x250%2C320x50&divids=mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.7&aucs=&auid=539935965
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
1e1a24f07883dd3da59de6b79db360b626648bd3b8b83cffe1112e9b9f8cf1df

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
OXGW/17.0.0
timing-allow-origin
*
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		95 B
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b946d3e2e4585fed46db1f41d3c5d6ff1f13032624a84d9bb16b3cfeaa1b7b0e

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
prebid.media.net/rtb/ 		1 KB
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5ea57a50e929ad31b45d64b97b8031e78130315ddd0d25b74cf7fad92939cae4

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid_display
display.bfmio.com/ 		138 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.34.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-34-198.compute-1.amazonaws.com
Software
/
Resource Hash
d05a90038ca3c43af1c6ff1696b01886e9a416f01b727b781c79366dfd758be0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
cygnus
htlb.casalemedia.com/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22239ca25c1dfc1578%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22240f620bc0d2c801%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22241568c24d5128e7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22209362%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b386f0c0e5ba10b71f099049338e05d280dcf3702a2c44d1a7281edf9baad0e8

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.238.82.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
http://betweenusparents.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1396
x-ak-client-geo
12
expires
Fri, 24 Dec 2021 16:46:03 GMT
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.7%22%2C%22callback_id%22%3A%22243334e624577476%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%222656731526720332007%22%7D%5D&page_url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&bust=1640364363428&pr=&scrd=1&dnt=false&description=Finding%20presents%20can%20be%20a%20ton%20of%20fun%20with%20a%20festive%20scavenger%20hunt%20around%20the%20house.%20To%20make%20it%20easy%2C%20here%20are%2046%20printable%20Christmas%20scavenger%20hunt%20clues.&title=70%20Printable%20Christmas%20scavenger%20hunt%20clues%20-%20Between%20Us%20Parents&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.120.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-120-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
trinity.json
apex.go.sonobi.com/ 		96 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22245e13df30c46752%22%3A%22dcc4cd9596e80d497120%7C300x250%2C320x50%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.G%22%7D&ref=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&s=2b1fe653-c061-40dc-b859-a22de19370d2&pv=5e6775f4-d417-4aba-9700-5e2bb8c85b78&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
a2a7cd5ee9d2f2a65567ec3d8e91e173792c166a078d9f6c2426ae86600db738
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
121
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_300x250&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
8f453e18314644b56d48f00b14eb7ed01593cb5e0da024a651d5ec7f7bd0d69c

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691490175757565688f4daa720af8&pos=betweenusparents.com_mobile_atf_320x50&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
62297d4671f94217dc55f32bcd0294426453e5ccd7d49c8af61de20a69f5fbe1

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 24 Dec 2021 16:46:03 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://betweenusparents.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=betweenusparents.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=betweenusparents.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		439 B
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=457746276947931&correlator=843065955744990&output=ldjh&impl=fifs&eid=31060437%2C31060979%2C31063378%2C31061030%2C31061166%2C31063246&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20211224&iu_parts=20842576%3A22518826702%2CEML02M%2CEML02M-DDL.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C320x50&prev_scp=Flight%3D1%26monu%3D300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie_enabled=1&bc=23&abxe=1&lmt=1640364363&dt=1640364363490&dlt=1640364360242&idt=976&frm=20&biw=1600&bih=1200&oid=2&adxs=470&adys=1570&adks=324797662&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&vis=1&scr_x=0&scr_y=0&psz=720x29&msz=300x0&ga_vid=1792763845.1640364361&ga_sid=1640364363&ga_hid=1664650026&ga_fc=true&fws=0&ohw=0&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
3dda07d0edcd045ed13442dc2abee3491b8af1eb0b41219b332ed8cb99b9a238
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
242
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5ae3c80d270af9693593899b0f110abe01f766c2f74587a8b4cfd152f0022b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8616
x-xss-protection
0
container.html
822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D96A 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 24 Dec 2021 16:46:03 GMT
expires
Sat, 24 Dec 2022 16:46:03 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=457746276947931&correlator=2388001639069798&output=ldjh&impl=fifs&eid=31060437%2C31060979%2C31063378%2C31061030%2C31061166%2C31063246&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20211224&iu_parts=20842576%3A22518826702%2CEML02M%2CEML02M-DDL.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C320x50&prev_scp=Flight%3D1%26monu%3D300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3D35a51978-fdbc-4bb2-9639-3c0406928546%26monu_df%3D0.02%26safeframe%3Dtrue%26hb_size%3D300x250%26hb_adid%3D693b1253f3a25371%26hb_bidder%3DappnexusAst%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie_enabled=1&bc=23&abxe=1&lmt=1640364363&dt=1640364363506&dlt=1640364360242&idt=976&frm=20&biw=1600&bih=1200&oid=2&adxs=470&adys=2119&adks=1823532741&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&vis=1&scr_x=0&scr_y=0&psz=720x29&msz=300x0&ga_vid=1792763845.1640364361&ga_sid=1640364363&ga_hid=1664650026&ga_fc=true&fws=0&ohw=0&btvi=2&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a2658798adfed822f370926f024d5add17a42fd6fc67aba4f4827a1228341cd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11488
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
mmt.gif
imps.monu.delivery/ 		37 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=b.r&u=ace2d8fa-93df-4fb2-9393-0dd03589a1f7&d=%7B%22utm%22%3Anull%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:36:06 GMT
Age
597
X-GUploader-UploadID
ADPycdt5yAZN4dutoHCkuQg2iln4jY84jM4CFzLcDC8vaor5PD30ObSEC6OxcOxbx-HnJoWqBK9cguxoolOwkQzCxbX_Xya9Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:36:06 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
3c36be937a3f96038abfff68f6292185305285382d2f663b2153baeeb99cc939
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d69fba64-67f2-49be-8823-065b157e62b0
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		96 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22262eac5aa7e2ada1%22%3A%22dcc4cd9596e80d497120%7C300x250%2C320x50%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.H%22%7D&ref=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&s=3b81642b-1c68-4c75-8562-a48deb31cb42&pv=5e6775f4-d417-4aba-9700-5e2bb8c85b78&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
3677b12e759113dc8a339f42c4fc71b9fd204a5a8f1bf247ab45533158882f1b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
121
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
hb
ssc.33across.com/api/v1/ 		67 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aLqHwesbSr6PvgaKlId8sQ
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
4655e1d80abfaf8b080f20fcfb573442531f16ffdb530133d45a932782c2e218

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
cygnus
htlb.casalemedia.com/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22265db302f57b1ca1%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22266bb3afc59a3f7f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22267fac92b3587902%22%2C%22ext%22%3A%7B%22siteID%22%3A%22209362%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
934f9725e21d9493df8a25323111289b3d7e43e6475503a53b48911373a7b830

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.238.82.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
http://betweenusparents.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1423
x-ak-client-geo
12
expires
Fri, 24 Dec 2021 16:46:03 GMT
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		95 B
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
088d5e2f1bb43476683144a003fe0b96155a4431265f297144895ff4bfdb2d83

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid_display
display.bfmio.com/ 		138 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.34.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-34-198.compute-1.amazonaws.com
Software
/
Resource Hash
eb7b38a5e24f369c74e1f807ec29c55bb5c6798f78ef0625469a193b72d7a76c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
146
arj
bloggernetwork-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=36f280bd-4e9b-4f2e-9e84-dcc16e08c425&nocache=1640364363518&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&aus=300x250%2C320x50&divids=mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.8&aucs=&auid=539935965
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
57f9d9db71a8a5cb7455d85870bbd2d2a0740f17de5cc96d2cf7b88277eacf28

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.8%22%2C%22callback_id%22%3A%2227944349af4aa32a%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%222656731526720332007%22%7D%5D&page_url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&bust=1640364363518&pr=&scrd=1&dnt=false&description=Finding%20presents%20can%20be%20a%20ton%20of%20fun%20with%20a%20festive%20scavenger%20hunt%20around%20the%20house.%20To%20make%20it%20easy%2C%20here%20are%2046%20printable%20Christmas%20scavenger%20hunt%20clues.&title=70%20Printable%20Christmas%20scavenger%20hunt%20clues%20-%20Between%20Us%20Parents&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.120.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-120-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
prebid.media.net/rtb/ 		1 KB
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b7720575a05b688ffb57d60c6bd72e4c4849fe39556ac5841fee965adc47f2c8

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_300x250&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
d7a727ba48aae5e48f785db04fd08def67876ea06039e768f37c11250e6e7bbc

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691490175757565688f4daa720af8&pos=betweenusparents.com_mobile_atf_320x50&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
518e708e839e799278acc42c0b3038f39d8da6135e14d9257cb88c5c884a4f58

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
cf-ray
6c2b4db80d0f694f-FRA
access-control-allow-headers
Content-Type, Origin
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 24 Dec 2021 16:46:03 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://betweenusparents.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_300x250&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
d0adf988cdda4f8e1bca95fcad9cdb6e382928628b89856eb1ce70dc1c2d8db6

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691490175757565688f4daa720af8&pos=betweenusparents.com_mobile_atf_320x50&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
d28ac56d963aaf08a01720594debb554f8bc11cdf4ea16818031679e24464196

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
66706b1671d19687d86944285e4995b3b65aa7ffde6201cc4b5696df152ad85c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:03 GMT
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
299a8e21-6557-44c0-9d14-d7797ef8f2f1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
bloggernetwork-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=03920be6-9062-4345-a207-e11b0a230f95&nocache=1640364363549&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&aus=300x250%2C320x50&divids=mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.9&aucs=&auid=539935965
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
f91b6ba206561a43b9649250a7925588f875cb5b875bae11d47860edfed56060

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.9%22%2C%22callback_id%22%3A%22299afcc171ec5f9f%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%222656731526720332007%22%7D%5D&page_url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&bust=1640364363549&pr=&scrd=1&dnt=false&description=Finding%20presents%20can%20be%20a%20ton%20of%20fun%20with%20a%20festive%20scavenger%20hunt%20around%20the%20house.%20To%20make%20it%20easy%2C%20here%20are%2046%20printable%20Christmas%20scavenger%20hunt%20clues.&title=70%20Printable%20Christmas%20scavenger%20hunt%20clues%20-%20Between%20Us%20Parents&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.120.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-120-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
cygnus
htlb.casalemedia.com/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22300e43a3f9e5f45c%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223014ff4c40805929%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2230251aa45f4c9d72%22%2C%22ext%22%3A%7B%22siteID%22%3A%22209362%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
19ab89ebe654c9839c7832cb2a3758f1386634b62498c5db6e1afcf87a284824

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.238.82.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
http://betweenusparents.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1396
x-ak-client-geo
12
expires
Fri, 24 Dec 2021 16:46:03 GMT
prebid_display
display.bfmio.com/ 		138 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.34.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-34-198.compute-1.amazonaws.com
Software
/
Resource Hash
291b54acb16c4e0c5d589617d8b7b847f9971989ced9e806dfe346f81fa91d15
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
hb
ssc.33across.com/api/v1/ 		67 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aLqHwesbSr6PvgaKlId8sQ
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
920d09f9d2f69e5504ab36939220d6c7282bfdcbb2fe952246de75ac78ed4e34

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
cf-ray
6c2b4db83d65694f-FRA
access-control-allow-headers
Content-Type, Origin
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		95 B
752 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b97c7fe54f0dcdc1dbc7618f3f370421b2e994612c43552d8c70dd7fe980d04b

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
trinity.json
apex.go.sonobi.com/ 		96 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22316965931638d6c6%22%3A%22dcc4cd9596e80d497120%7C300x250%2C320x50%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.I%22%7D&ref=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&s=bfbcc957-12b8-489b-a909-330aa6c6e715&pv=5e6775f4-d417-4aba-9700-5e2bb8c85b78&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
771cb04a70776414a6b2cc4eba133aa5e4f22479eb300a569f7a026188d3a15d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
121
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ 		0
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 24 Dec 2021 16:46:02 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://betweenusparents.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
prebid
prebid.media.net/rtb/ 		32 B
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
22c1bc19a8d31d025d5e765449483e3c25c322c0400d91ba295d5f5c735c6e56

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
via
1.1 google
server
nginx
content-type
application/octet-stream
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
alt-svc
clear
content-length
32
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
vary
Origin
mmt.gif
imps.monu.delivery/ 		37 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=b.r&u=ace2d8fa-93df-4fb2-9393-0dd03589a1f7&d=%7B%22utm%22%3Anull%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:36:06 GMT
Age
597
X-GUploader-UploadID
ADPycdt5yAZN4dutoHCkuQg2iln4jY84jM4CFzLcDC8vaor5PD30ObSEC6OxcOxbx-HnJoWqBK9cguxoolOwkQzCxbX_Xya9Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:36:06 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Fri, 24 Dec 2021 16:46:03 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=betweenusparents.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=betweenusparents.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		445 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=457746276947931&correlator=369477601535057&output=ldjh&impl=fifs&eid=31060437%2C31060979%2C31063378%2C31061030%2C31061166%2C31063246&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20211224&iu_parts=20842576%3A22518826702%2CEML02M%2CEML02M-DDL.C&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C320x50&prev_scp=Flight%3D1%26monu%3D300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3Dc75f9aac-4448-41c7-a0ed-772fe6613bcd%26monu_df%3D0.03%26safeframe%3Dtrue%26hb_size%3D320x50%26hb_adid%3D692c9c24ab766294%26hb_bidder%3Dix%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie_enabled=1&bc=23&abxe=1&lmt=1640364363&dt=1640364363593&dlt=1640364360242&idt=976&frm=20&biw=1600&bih=1200&oid=2&adxs=470&adys=2667&adks=3713034956&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&vis=1&scr_x=0&scr_y=0&psz=720x29&msz=300x0&ga_vid=1792763845.1640364361&ga_sid=1640364363&ga_hid=1664650026&ga_fc=true&fws=0&ohw=0&btvi=3&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8bb62d2104fa270264b2e90840f69d2c77c09b7069ede39afbaa1688c56b6e41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
mmt.gif
imps.monu.delivery/ 		37 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=b.r&u=ace2d8fa-93df-4fb2-9393-0dd03589a1f7&d=%7B%22utm%22%3Anull%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:36:06 GMT
Age
597
X-GUploader-UploadID
ADPycdt5yAZN4dutoHCkuQg2iln4jY84jM4CFzLcDC8vaor5PD30ObSEC6OxcOxbx-HnJoWqBK9cguxoolOwkQzCxbX_Xya9Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:36:06 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		428 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=457746276947931&correlator=1836026705328129&output=ldjh&impl=fifs&eid=31060437%2C31060979%2C31063378%2C31061030%2C31061166%2C31063246&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20211224&iu_parts=20842576%3A22518826702%2CEML02M%2CEML02M-DDL.E&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C320x50&prev_scp=Flight%3D1%26monu%3D300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie_enabled=1&bc=23&abxe=1&lmt=1640364363&dt=1640364363603&dlt=1640364360242&idt=976&frm=20&biw=1600&bih=1200&oid=2&adxs=470&adys=3763&adks=2423441139&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&vis=1&scr_x=0&scr_y=0&psz=720x29&msz=300x0&ga_vid=1792763845.1640364361&ga_sid=1640364363&ga_hid=1664650026&ga_fc=true&fws=0&ohw=0&btvi=4&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
dde436bf81d697bc18a640514e2d83d15687437a1f16327e9948c28675bbcc3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
228
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 21BC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Thu, 23 Dec 2021 16:35:09 GMT
expires
Fri, 23 Dec 2022 16:35:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
87054
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 814F 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
36ba17ec4474602da122b82be83d10d532c0d23e6723b4f1e6d6709f60d889e7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Bf/91E6Tg4hoBrdwNZfCjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 24 Dec 2021 16:46:03 GMT
date
Fri, 24 Dec 2021 16:46:03 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Bf/91E6Tg4hoBrdwNZfCjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
trinity.json
apex.go.sonobi.com/ 		96 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%223262803481b3f198%22%3A%22dcc4cd9596e80d497120%7C300x250%2C320x50%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.J%22%7D&ref=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&s=ad0fa2c0-954f-4678-8bff-0df195f61eea&pv=5e6775f4-d417-4aba-9700-5e2bb8c85b78&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
f9daec46b23d5e7b6e1b5ce332014169aeb06e56b8f9bed84ef810c5bc4b2446
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
121
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.10%22%2C%22callback_id%22%3A%22328be96bb53178ec%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%222656731526720332007%22%7D%5D&page_url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&bust=1640364363622&pr=&scrd=1&dnt=false&description=Finding%20presents%20can%20be%20a%20ton%20of%20fun%20with%20a%20festive%20scavenger%20hunt%20around%20the%20house.%20To%20make%20it%20easy%2C%20here%20are%2046%20printable%20Christmas%20scavenger%20hunt%20clues.&title=70%20Printable%20Christmas%20scavenger%20hunt%20clues%20-%20Between%20Us%20Parents&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.120.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-120-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
cygnus
htlb.casalemedia.com/ 		38 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22329f6e850eec129f%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22330b7daf9ff486c8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22331f5059d686e299%22%2C%22ext%22%3A%7B%22siteID%22%3A%22209362%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
776b43674abbb695739f4b4265d6ee037121a4aa00a345d3cd9ade316348a032

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.238.82.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
http://betweenusparents.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
38
x-ak-client-geo
12
expires
Fri, 24 Dec 2021 16:46:03 GMT
prebid
prebid.media.net/rtb/ 		1 KB
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ec39926853bad00e113203e4b2a07de7b7fc7a182622901087cfa7102ef6451c

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
fed0bd13b52c1b20a85f0bb85a336cd3114d81882577e91436ae59f9e35a347e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e0922a88-6b8b-401a-a7db-8ddf5dfbd538
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ 		67 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aLqHwesbSr6PvgaKlId8sQ
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
1730dab7f2b9e2dcf7266e03e1d5f840b14e4d0230322887c86609461c9de22d

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_300x250&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
ddc0e0ef0af96566b76218ba0d4fb55848bcb01b9934d8fdd70c4ca234822cba

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691490175757565688f4daa720af8&pos=betweenusparents.com_mobile_atf_320x50&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
c17b5073d5de58fe2881a9238c1388b6b4c6a01d705455cc815bb8e83e18dae2

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
bid
ap.lijit.com/rtb/ 		95 B
752 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
5a8c735adc9d26ca50f4cfa7fd732798c273792cef4b88fdf96e33ba329a71d5

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
prebid_display
display.bfmio.com/ 		138 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.34.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-34-198.compute-1.amazonaws.com
Software
/
Resource Hash
f3ede9247c72a00c8027263b58a5f02dabbb204adede44465a02c16a8dae4ccc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
vary
Origin
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
cf-ray
6c2b4db8be68694f-FRA
access-control-allow-headers
Content-Type, Origin
arj
bloggernetwork-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b13327dd-3869-447d-82c2-9269100a7c60&nocache=1640364363628&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&aus=300x250%2C320x50&divids=mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.10&aucs=&auid=539935965
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
55ff2324d9e568314dbbd91799e77987b1b1e6126e6bb0925d83ccdb7eb1068a

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 24 Dec 2021 16:46:02 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://betweenusparents.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
mmt.gif
imps.monu.delivery/ 		37 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=b.r&u=ace2d8fa-93df-4fb2-9393-0dd03589a1f7&d=%7B%22utm%22%3Anull%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:36:06 GMT
Age
597
X-GUploader-UploadID
ADPycdt5yAZN4dutoHCkuQg2iln4jY84jM4CFzLcDC8vaor5PD30ObSEC6OxcOxbx-HnJoWqBK9cguxoolOwkQzCxbX_Xya9Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:36:06 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		439 B
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=457746276947931&correlator=3095178161814099&output=ldjh&impl=fifs&eid=31060437%2C31060979%2C31063378%2C31061030%2C31061166%2C31063246&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20211224&iu_parts=20842576%3A22518826702%2CEML02M%2CEML02M-DDL.D&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C320x50&prev_scp=Flight%3D1%26monu%3D300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3D59660194-c1a7-43f1-a1f9-93ac8ac25666%26monu_df%3D0.00%26safeframe%3Dtrue%26hb_size%3D300x250%26hb_adid%3D7052335fbae0e8a%26hb_bidder%3DappnexusAst%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie_enabled=1&bc=23&abxe=1&lmt=1640364363&dt=1640364363635&dlt=1640364360242&idt=976&frm=20&biw=1600&bih=1200&oid=2&adxs=470&adys=3215&adks=1875363211&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&vis=1&scr_x=0&scr_y=0&psz=720x29&msz=300x0&ga_vid=1792763845.1640364361&ga_sid=1640364363&ga_hid=1664650026&ga_fc=true&fws=0&ohw=0&btvi=5&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
85a118dbfb7e0f858842d1c3ed668a21d2989adbe851788d53fcb8dc5fabb875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
242
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
mmt.gif
imps.monu.delivery/ 		37 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=b.r&u=ace2d8fa-93df-4fb2-9393-0dd03589a1f7&d=%7B%22utm%22%3Anull%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:36:06 GMT
Age
597
X-GUploader-UploadID
ADPycdt5yAZN4dutoHCkuQg2iln4jY84jM4CFzLcDC8vaor5PD30ObSEC6OxcOxbx-HnJoWqBK9cguxoolOwkQzCxbX_Xya9Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:36:06 GMT
A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
pagead2.googlesyndication.com/bg/ Frame 21BC 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 15:18:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
264430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13610
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 21 Dec 2022 15:18:53 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 814F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=457746276947931&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
bid
ap.lijit.com/rtb/ 		95 B
752 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b7a4a48c83065cd79074a51a7df1d19a748cbb2885e6690586f604d8c7e46e0f

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.11%22%2C%22callback_id%22%3A%223634cd55aa8a752a%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%222656731526720332007%22%7D%5D&page_url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&bust=1640364363711&pr=&scrd=1&dnt=false&description=Finding%20presents%20can%20be%20a%20ton%20of%20fun%20with%20a%20festive%20scavenger%20hunt%20around%20the%20house.%20To%20make%20it%20easy%2C%20here%20are%2046%20printable%20Christmas%20scavenger%20hunt%20clues.&title=70%20Printable%20Christmas%20scavenger%20hunt%20clues%20-%20Between%20Us%20Parents&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.120.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-120-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
arj
bloggernetwork-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0d78b00b-3fc7-4939-a8f7-5ac46f99a928&nocache=1640364363711&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&aus=300x250%2C320x50&divids=mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.11&aucs=&auid=539935965
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
cb11995e9dd84d727cf43902d490abf1f356e97db223d1ced4a68258aba06988

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 24 Dec 2021 16:46:03 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://betweenusparents.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
cygnus
htlb.casalemedia.com/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22368a04c973db5f3d%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223698adeb860038ae%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223703a201c21644c2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22209362%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3a7f02da4af7a22664fa605efe91025e23439ebe5c2e0a2980251fbb8b68d91

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.238.82.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
http://betweenusparents.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4605
x-ak-client-geo
12
expires
Fri, 24 Dec 2021 16:46:03 GMT
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid_display
display.bfmio.com/ 		138 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.34.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-34-198.compute-1.amazonaws.com
Software
/
Resource Hash
8caa41181719668f38d34e7c3f8ae71698228912433c51a769784e6e9c34113b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_300x250&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
533c753efb6810b90dd7af1fe6fa4d028c88752f43b08fac854e56cf1d8b4214

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691490175757565688f4daa720af8&pos=betweenusparents.com_mobile_atf_320x50&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
ed17b1487f10dae72caa90fd6dbbf076d26862fc4a6c1193cadd7f86ad16130a

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d3e8f348bb63ba0d30a5cfc562661b7069bd14743f4227cdf5e1d93c6473bfac
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
48f21ba3-2e6c-4b37-9e5a-5a7b6224bd90
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		96 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2238494b6c3e3b6e28%22%3A%22dcc4cd9596e80d497120%7C300x250%2C320x50%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.K%22%7D&ref=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&s=e63bfaee-cb50-476f-9fd4-7820b608c136&pv=5e6775f4-d417-4aba-9700-5e2bb8c85b78&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
7dcdf6f958fb657ababd9d9dd83261671a109e411586afb522e40f5baa629777
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
121
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
hb
ssc.33across.com/api/v1/ 		67 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aLqHwesbSr6PvgaKlId8sQ
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
fdc6e6370a8398f513ae7bd86fcc7468161d15ec20068cfea990c4b516579ad0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
cf-ray
6c2b4db93f8f694f-FRA
access-control-allow-headers
Content-Type, Origin
prebid
prebid.media.net/rtb/ 		1 KB
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a16a3a9d77c48b5c062e5e7231e981d76bbfbb94efedf1b2e62147221bf7c1c9

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=betweenusparents.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=betweenusparents.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=457746276947931&correlator=1710146064252979&output=ldjh&impl=fifs&eid=31060437%2C31060979%2C31063378%2C31061030%2C31061166%2C31063246&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20211224&iu_parts=20842576%3A22518826702%2CEML02M%2CEML02M-DDL.G&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C320x50&prev_scp=Flight%3D1%26monu%3D300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3D897d302d-3df0-4de9-953f-404d6f5fec1f%26monu_df%3D0.40%26safeframe%3Dtrue%26hb_size%3D320x50%26hb_adid%3D702ee541fdf2cee7%26hb_bidder%3DappnexusAst%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie_enabled=1&bc=23&abxe=1&lmt=1640364363&dt=1640364363723&dlt=1640364360242&idt=976&frm=20&biw=1600&bih=1200&oid=2&adxs=470&adys=4860&adks=873623921&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&vis=1&scr_x=0&scr_y=0&psz=720x29&msz=300x0&ga_vid=1792763845.1640364361&ga_sid=1640364363&ga_hid=1664650026&ga_fc=true&fws=0&ohw=0&btvi=6&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
273a3d0a407eade0e671bb66687373418ff3d68149d18ef464869531838ef398
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8865
x-xss-protection
0
google-lineitem-id
87459936
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
62490708336
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=457746276947931&correlator=569022669505117&output=ldjh&impl=fifs&eid=31060437%2C31060979%2C31063378%2C31061030%2C31061166%2C31063246&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20211224&iu_parts=20842576%3A22518826702%2CEML02M%2CEML02M-DDL.I&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C320x50&prev_scp=Flight%3D1%26monu%3D300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3Dc4ac4329-da52-4fcb-81e8-ed2c53f2d040%26monu_df%3D0.02%26safeframe%3Dtrue%26hb_size%3D320x50%26hb_adid%3D70683b973484fa5a%26hb_bidder%3Dix%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie_enabled=1&bc=23&abxe=1&lmt=1640364363&dt=1640364363736&dlt=1640364360242&idt=976&frm=20&biw=1600&bih=1200&oid=2&adxs=470&adys=5956&adks=2520166592&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&vis=1&scr_x=0&scr_y=0&psz=720x29&msz=300x0&ga_vid=1792763845.1640364361&ga_sid=1640364363&ga_hid=1664650026&ga_fc=true&fws=0&ohw=0&btvi=7&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
47b49c858f971fb1069cb68025d0ddc24b7d7746b645e5b14720ecedc5f47a5b
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2613259223491829695/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2613259223491829695/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPr40bnx_PQCFY4IiwodwHkHsw&gqi=&layout=/sadbundle/%24csp%253Der3%24/2613259223491829695/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2613259223491829695/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2613259223491829695/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPr40bnx_PQCFY4IiwodwHkHsw&gqi=&layout=/sadbundle/%24csp%253Der3%24/2613259223491829695/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32128
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Fri, 24 Dec 2021 16:46:03 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
vary
Origin
prebid
prebid.media.net/rtb/ 		1 KB
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7a186213c58ac5017caeb4edb05c435f7c5c02d44b64ec0ad334a9072bff13d3

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid_display
display.bfmio.com/ 		138 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.34.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-34-198.compute-1.amazonaws.com
Software
/
Resource Hash
5bb5b1603376fd0d3c5874f56a97d2e27060dc2da0504ab45e37a1450929bebc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
cygnus
htlb.casalemedia.com/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22400224fb26d0bcf1%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224011e77267ee3022%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2240215a64a533d80b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22209362%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a2ae287ba167d66581280eccd886dc293447003433980727d12a54c42e8d05ca

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.238.82.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
http://betweenusparents.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1062
x-ak-client-geo
12
expires
Fri, 24 Dec 2021 16:46:03 GMT
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		67 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aLqHwesbSr6PvgaKlId8sQ
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
cb2462733a0fd4b70f54d56880ae2becfc4e45d1b4513b60b87ee722ad985c10

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
cf-ray
6c2b4db96fee694f-FRA
access-control-allow-headers
Content-Type, Origin
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 24 Dec 2021 16:46:02 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://betweenusparents.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_300x250&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7041ae8c944ab10e543787fb915043b98e4b59e48f30b708ac71484d18ef7a99

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691490175757565688f4daa720af8&pos=betweenusparents.com_mobile_atf_320x50&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
a0f0617da27f556eac8efd0e6eac1eed988b185a0c61131680b71e99d9964329

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
arj
bloggernetwork-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a2c577d5-3f38-4017-ada1-c44355c02659&nocache=1640364363742&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&aus=300x250%2C320x50&divids=mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.12&aucs=&auid=539935965
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
489b4b852d00689f3b493dcedab423fc0a20c670859e65c7dd3eaf5e621f4385

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		96 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%224188af719385c1d5%22%3A%22dcc4cd9596e80d497120%7C300x250%2C320x50%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.L%22%7D&ref=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&s=b270ca42-9728-4fee-9181-851fd7f95ac4&pv=5e6775f4-d417-4aba-9700-5e2bb8c85b78&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
cae526a8ebada76eaaf65c128eea7715db5d13dcbdb5a7991d7d349ea1a02fa4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
121
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.12%22%2C%22callback_id%22%3A%224208a43f2af814e1%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%222656731526720332007%22%7D%5D&page_url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&bust=1640364363743&pr=&scrd=1&dnt=false&description=Finding%20presents%20can%20be%20a%20ton%20of%20fun%20with%20a%20festive%20scavenger%20hunt%20around%20the%20house.%20To%20make%20it%20easy%2C%20here%20are%2046%20printable%20Christmas%20scavenger%20hunt%20clues.&title=70%20Printable%20Christmas%20scavenger%20hunt%20clues%20-%20Between%20Us%20Parents&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.120.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-120-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
ib.adnxs.com/ut/v3/ 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
20d671a8c412160715b7e87a8176bdacd4e1a24844da243e4330a479a1a50a5a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
86637c14-c6c6-4a5f-bdfe-30915ab00a5c
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		95 B
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
344a67237015ca1641309e26bf89bf7ea1f11c734ebd1a361b6cba23ed6f5fef

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
mmt.gif
imps.monu.delivery/ 		37 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=b.r&u=ace2d8fa-93df-4fb2-9393-0dd03589a1f7&d=%7B%22utm%22%3Anull%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:36:06 GMT
Age
597
X-GUploader-UploadID
ADPycdt5yAZN4dutoHCkuQg2iln4jY84jM4CFzLcDC8vaor5PD30ObSEC6OxcOxbx-HnJoWqBK9cguxoolOwkQzCxbX_Xya9Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:36:06 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		439 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=457746276947931&correlator=1523897305334290&output=ldjh&impl=fifs&eid=31060437%2C31060979%2C31063378%2C31061030%2C31061166%2C31063246&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20211224&iu_parts=20842576%3A22518826702%2CEML02M%2CEML02M-DDL.H&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C320x50&prev_scp=Flight%3D1%26monu%3D300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3D85060ea4-4b65-411b-b8d6-0eba1c5abfc6%26monu_df%3D0.05%26safeframe%3Dtrue%26hb_size%3D320x50%26hb_adid%3D70319e466631dfa%26hb_bidder%3Dix%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie_enabled=1&bc=23&abxe=1&lmt=1640364363&dt=1640364363751&dlt=1640364360242&idt=976&frm=20&biw=1600&bih=1200&oid=2&adxs=470&adys=5408&adks=1951498581&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&vis=1&scr_x=0&scr_y=0&psz=720x29&msz=300x0&ga_vid=1792763845.1640364361&ga_sid=1640364363&ga_hid=1664650026&ga_fc=true&fws=0&ohw=0&btvi=8&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
457a06b6a40857848b43dc2f8260298850df00cb7493701400d8bb6d65887295
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		445 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=457746276947931&correlator=3439611185755035&output=ldjh&impl=fifs&eid=31060437%2C31060979%2C31063378%2C31061030%2C31061166%2C31063246&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20211224&iu_parts=20842576%3A22518826702%2CEML02M%2CEML02M-DDL.F&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C320x50&prev_scp=Flight%3D1%26monu%3D300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3Dd828e737-0217-4362-b7d6-8a9d9da35551%26monu_df%3D0.03%26safeframe%3Dtrue%26hb_size%3D320x50%26hb_adid%3D71078bc2faa5260a%26hb_bidder%3DappnexusAst%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie_enabled=1&bc=23&abxe=1&lmt=1640364363&dt=1640364363759&dlt=1640364360242&idt=976&frm=20&biw=1600&bih=1200&oid=2&adxs=470&adys=4312&adks=1292529128&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&vis=1&scr_x=0&scr_y=0&psz=720x29&msz=300x0&ga_vid=1792763845.1640364361&ga_sid=1640364363&ga_hid=1664650026&ga_fc=true&fws=0&ohw=0&btvi=9&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
28e34be86c660348a5db6f0fabfcad20e5398af321c9326b20a388f77079edcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
239
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
mmt.gif
imps.monu.delivery/ 		37 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=b.r&u=ace2d8fa-93df-4fb2-9393-0dd03589a1f7&d=%7B%22utm%22%3Anull%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:36:06 GMT
Age
597
X-GUploader-UploadID
ADPycdt5yAZN4dutoHCkuQg2iln4jY84jM4CFzLcDC8vaor5PD30ObSEC6OxcOxbx-HnJoWqBK9cguxoolOwkQzCxbX_Xya9Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:36:06 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=betweenusparents.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=betweenusparents.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		439 B
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=457746276947931&correlator=1392922851706523&output=ldjh&impl=fifs&eid=31060437%2C31060979%2C31063378%2C31061030%2C31061166%2C31063246&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20211224&iu_parts=20842576%3A22518826702%2CEML02M%2CEML02M-DDL.J&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C320x50&prev_scp=Flight%3D1%26monu%3D300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3D0b6855bc-fdaa-4774-8d7c-12d5c713ccfe%26monu_df%3D0.00%26safeframe%3Dtrue%26hb_size%3D300x250%26hb_adid%3D7111503db5f944f5%26hb_bidder%3DappnexusAst%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie_enabled=1&bc=23&abxe=1&lmt=1640364363&dt=1640364363787&dlt=1640364360242&idt=976&frm=20&biw=1600&bih=1200&oid=2&adxs=470&adys=6505&adks=1792233299&ucis=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&vis=1&scr_x=0&scr_y=0&psz=720x29&msz=300x0&ga_vid=1792763845.1640364361&ga_sid=1640364363&ga_hid=1664650026&ga_fc=true&fws=0&ohw=0&btvi=10&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ebde23f254a76d197ba48cfea4222fa814f6cac3d559b4a4678a031575c0a287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
242
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
ap.lijit.com/rtb/ 		95 B
752 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
38e87db9a8930758565336d5ba0d7e23eedc28cd2f5b0426c21ce328ea6af046

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
trinity.json
apex.go.sonobi.com/ 		96 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22431347fe7c457c1d%22%3A%22dcc4cd9596e80d497120%7C300x250%2C320x50%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDL.M%22%7D&ref=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&s=4d2b0016-f3c3-452a-9dd4-4d33d4d50200&pv=5e6775f4-d417-4aba-9700-5e2bb8c85b78&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
7652bd3ea50af7bca3ebe125415945a276d7497d1291ffc075275964f27d07f7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
121
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid_display
display.bfmio.com/ 		138 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.34.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-34-198.compute-1.amazonaws.com
Software
/
Resource Hash
59f9d22d397eedf12f38f11aa3ad971573758e3d85176c74528d2be67d7a3bb0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
arj
bloggernetwork-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b3c316d8-61f0-46a4-b854-feadd34fe43a&nocache=1640364363801&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&aus=300x250%2C320x50&divids=mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.13&aucs=&auid=539935965
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
42b873a89ce6d25a8177de17df292aba9199e5452c5569a181639cf4f1af1abd

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e75b349a0c2a83b5549850076aad395531efc838c345088d5eb99ef2049cae04
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
818fae10-5afa-4bab-a248-ae2b33e9c617
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
cf-ray
6c2b4db9c8a3694f-FRA
access-control-allow-headers
Content-Type, Origin
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_300x250&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
86a32158ad55895bbc704474542b80008922047f6030c55389ad3670733bf8f7

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691490175757565688f4daa720af8&pos=betweenusparents.com_mobile_atf_320x50&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7fc0797e09402d7d99d98e80013f4ab6070452ef0d2329d6a9a6d56eb9e1fb74

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
prebid
prebid.media.net/rtb/ 		1 KB
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8aa69a7251cc8684c5fad51df1fdedfbfdfd9ed79fe0933a1d5a3740ddbcb680

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-biacdsid-f2ic-jitb-kmil-ictoamttthtc.13%22%2C%22callback_id%22%3A%224506e7f56bbab91a%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%222656731526720332007%22%7D%5D&page_url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&bust=1640364363804&pr=&scrd=1&dnt=false&description=Finding%20presents%20can%20be%20a%20ton%20of%20fun%20with%20a%20festive%20scavenger%20hunt%20around%20the%20house.%20To%20make%20it%20easy%2C%20here%20are%2046%20printable%20Christmas%20scavenger%20hunt%20clues.&title=70%20Printable%20Christmas%20scavenger%20hunt%20clues%20-%20Between%20Us%20Parents&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.120.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-120-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 24 Dec 2021 16:46:03 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://betweenusparents.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
vary
Origin
cygnus
htlb.casalemedia.com/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2245542103d97529d8%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22456e57f7fc0b52%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22457f32756a8908ee%22%2C%22ext%22%3A%7B%22siteID%22%3A%22209362%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f7a605308d0ec77a960f93f9f46d5fbd1fb3a569a15313ad7bafe9d77040700f

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.238.82.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
http://betweenusparents.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1062
x-ak-client-geo
12
expires
Fri, 24 Dec 2021 16:46:03 GMT
hb
ssc.33across.com/api/v1/ 		67 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aLqHwesbSr6PvgaKlId8sQ
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
c7aa2a4cf81f73b9065481e8308b4893ae7c3a2d679d9eee094c75c8dfa0572a

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame BD43 		189 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
359910
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Mon, 20 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 20 Dec 2022 12:47:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame BD43 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
359910
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Mon, 20 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 20 Dec 2022 12:47:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame BD43 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
359910
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Mon, 20 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 20 Dec 2022 12:47:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame BD43 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
359910
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Mon, 20 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 20 Dec 2022 12:47:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame BD43 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
359910
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Mon, 20 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f02165e023e70703"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 20 Dec 2022 12:47:33 GMT
truncated
/ Frame BD43 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6b95448ad5da4f2add248b97f25bd527b5b02729f55dea4833f6ac0e300b55e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
pixel
protected-by.clarium.io/ 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzAweDI1MA==&v=5&s=v31fnmlbk20&sb=-1&h=betweenusparents.com&cb=6571240&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.117.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-117-129.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:03 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
4184810587824334659
tpc.googlesyndication.com/simgad/ Frame BD43 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4184810587824334659?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qks1IixPwVzdqFiuoV0Gn11fTqKxQ
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63ccbbaaef458ee36201750bbac267cfc7f4e62babfd4d7698d8bd5bb64857d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 17:16:08 GMT
x-content-type-options
nosniff
age
257395
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46871
x-xss-protection
0
last-modified
Tue, 12 Oct 2021 14:45:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 21 Dec 2022 17:16:08 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BD43 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
25465
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 25 Dec 2021 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BD43 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
24778
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 25 Dec 2021 09:53:05 GMT
l
www.google.com/ads/measurement/ Frame BD43 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaRkkVwPvTMNjT1zaey5LD6-2yLeRSALdJ_kiEbL2QdllZ8ZwqnLeQ8Frge9J48g0Q9lbZVu6meDotwGzGOLFGdp0Yu8bg
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame BD43 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C5DLXS_nFYbiNIZSl3wPy8LmoDrHrsatnxsqnhs8OzeK85-IpEAEg2NXYK2C7BqABgJL69wPIAQKpAjuqJHi8grY-4AIAqAMByAMIqgSfAk_QdkzNwXWZZc7mb2EeF1opoDhyc9t2lEWFHOSjc9uv93heEEmUmkb0x7ZrOZZWXXeWcGxFfxRXA6Lk_6tYv4qJOiqbqZT-lUVohMzpp8n7znWb4MQjlAt_BWV3jAXuy1tM9zktWCGHEeY4oPZEL3Nix3HUCm5L13lE8NDdxbkOqocTqypmcHEbsSv-HGFGeHk5oC66_95SLkRhsTKmSXFhNKqlilYyK_dJvAnzA_R7MgYdcAmmS0Oc_2UvNOSZTnGQm1g8OP7lnp4GqyXPbGPSdaINNuzZAQKpRZUoYWlTabQnnPjejbpaU1R8tHyH5iBN0Pi2XhwEI9zcaLwZDSvnvaylUSTsIYPSolkRlrqx0UEMOtEUwQnfduQiEmSXwASBmvS96wPgBAGgBgKAB-jthQioB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCtxRHSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTU5MTUyNTg0MDAwOTU2NTWACgPICwHYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzk0NDk1NDg2MjMxNjI4MxiY2xA&sigh=84tjrFeQRSE&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 24 Dec 2021 16:46:03 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://betweenusparents.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
imp
g2.gumgum.com/hbid/ 		438 B
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=99733&pi=3&bf=728x90&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ns=10240
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6369981eb9ff5b8ea99d7304080f801c70949c967f424e65b61660edcddbacd9

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a2ded8f5f016768fa773cb7131a8e3ef594771bfbec40feca773084d30e994c5

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-89ba1aaa-6234-4046-a524-d4fc9eb26308%22%2C%22callback_id%22%3A%2246864ac654b67c87%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222656731526720332007%22%7D%5D&page_url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&bust=1640364363855&pr=&scrd=1&dnt=false&description=Finding%20presents%20can%20be%20a%20ton%20of%20fun%20with%20a%20festive%20scavenger%20hunt%20around%20the%20house.%20To%20make%20it%20easy%2C%20here%20are%2046%20printable%20Christmas%20scavenger%20hunt%20clues.&title=70%20Printable%20Christmas%20scavenger%20hunt%20clues%20-%20Between%20Us%20Parents&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.120.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-120-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
ib.adnxs.com/ut/v3/ 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
36f581da449105ad2ab26be82e5835c47644e320fbabeab5d85a11d6a861bdb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9ae864de-1db0-4785-a069-34b38530e1b9
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		95 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
0b9152dd9853ac91a5efa3ba049786a28395a776555fd9890b5a489dc7d5c327

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
cygnus
htlb.casalemedia.com/ 		38 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201336&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22473cbfefe652316b%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22474ceadb59fe43b6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201336%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
179d3c5f2d03bac5b9ec63e8f91d78d5bb68435f20de4ce30668b8990ad3f8e8

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.238.82.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
http://betweenusparents.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
38
x-ak-client-geo
12
expires
Fri, 24 Dec 2021 16:46:03 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
vary
Origin
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_728x90&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e944a6905ad9f7680bd406257baf753044f6f939a83c978799fde898c48bce2e

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
cf-ray
6c2b4dba194e694f-FRA
access-control-allow-headers
Content-Type, Origin
trinity.json
apex.go.sonobi.com/ 		96 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22482fb904ab52d846%22%3A%224038e93c4d4c13bc38d7%7C728x90%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDP.A%22%7D&ref=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&s=1e89d3bd-7f4c-446b-a29b-62cff814883c&pv=5e6775f4-d417-4aba-9700-5e2bb8c85b78&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
df12486cc387250b561269f9354552de08b12323928ce877768bbe64d43cf033
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
121
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
hb
ssc.33across.com/api/v1/ 		67 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aLqHwesbSr6PvgaKlId8sQ
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
7ed4c35ffaf62c78abc77642ea5d7671f17db40931cf709fba9c98d3182941af

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
arj
bloggernetwork-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=04fb3e93-2d36-4e08-9653-d7ccd08e4e13&nocache=1640364363858&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&aus=728x90&divids=mmt-89ba1aaa-6234-4046-a524-d4fc9eb26308&aucs=&auid=539935965
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
78e51539affc9639b38b476b25d849ae45429c5548182c8c7a51849f9bdb84c9

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid_display
display.bfmio.com/ 		138 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.34.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-34-198.compute-1.amazonaws.com
Software
/
Resource Hash
a1f7910c9be1a7cc9693e60d2ac942a78787cafd74afb48a61f11ef8a312127f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
mmt.gif
imps.monu.delivery/ 		37 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=b.r&u=ace2d8fa-93df-4fb2-9393-0dd03589a1f7&d=%7B%22utm%22%3Anull%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:36:06 GMT
Age
597
X-GUploader-UploadID
ADPycdt5yAZN4dutoHCkuQg2iln4jY84jM4CFzLcDC8vaor5PD30ObSEC6OxcOxbx-HnJoWqBK9cguxoolOwkQzCxbX_Xya9Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:36:06 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		422 B
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=457746276947931&correlator=1856119025871182&output=ldjh&impl=fifs&eid=31060437%2C31060979%2C31063378%2C31061030%2C31061166%2C31063246&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20211224&iu_parts=20842576%3A22518826702%2CEML02M%2CEML02M-DDL.K&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C320x50&prev_scp=Flight%3D1%26monu%3D300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3D41feebc5-663c-48f1-a623-6120d850d05e%26monu_df%3D0.07%26safeframe%3Dtrue%26hb_size%3D300x250%26hb_adid%3D712bfc466b94232e%26hb_bidder%3Dix%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D05e967ccba839738-22b1a1050fcd00a7%3AT%3D1640364363%3AS%3DALNI_MbW0rLjNEoiNLkvyjaLhwpDRnzm0w&bc=23&abxe=1&lmt=1640364363&dt=1640364363874&dlt=1640364360242&idt=976&frm=20&biw=1600&bih=1200&oid=2&adxs=470&adys=7244&adks=629783271&ucis=b&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&vis=1&scr_x=0&scr_y=0&psz=720x29&msz=300x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1792763845.1640364361&ga_sid=1640364363&ga_hid=1664650026&ga_fc=true&fws=0&ohw=0&btvi=11&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a99e88d1f562c3cd7fd90a5ba93cc2850d801f988fddf5701849e6c749fe368e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
226
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.primis.tech/live/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=105365&schain=1.0,1!monumetric.com,ace2d8fa-93df-4fb2-9393-0dd03589a1f7,1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e9621e5be2817584425f7badf6e79ecc2da6e7ac210e60212654f461a662eeaa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:02 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
ads
securepubads.g.doubleclick.net/gampad/ 		422 B
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=457746276947931&correlator=1570128119315819&output=ldjh&impl=fifs&eid=31060437%2C31060979%2C31063378%2C31061030%2C31061166%2C31063246&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20211224&iu_parts=20842576%3A22518826702%2CEML02M%2CEML02M-DDL.L&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C320x50&prev_scp=Flight%3D1%26monu%3D300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3Dcee2541b-96c7-4df2-ad98-4a8c38bd9301%26monu_df%3D0.03%26safeframe%3Dtrue%26hb_size%3D320x50%26hb_adid%3D718010ce0217a734%26hb_bidder%3DappnexusAst%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3Dd5f5ecbb00b73860-22a694d80ecd0050%3AT%3D1640364363%3AS%3DALNI_MbjbgGXNfHKestnKBxJbezZq4zgbg&bc=23&abxe=1&lmt=1640364363&dt=1640364363904&dlt=1640364360242&idt=976&frm=20&biw=1600&bih=1200&oid=2&adxs=470&adys=8090&adks=2756501227&ucis=c&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&vis=1&scr_x=0&scr_y=0&psz=720x29&msz=300x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1792763845.1640364361&ga_sid=1640364363&ga_hid=1664650026&ga_fc=true&fws=0&ohw=0&btvi=12&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
d94ff5eb5215dce69f7cc97fcff07a99dbe17569c078e2cfcbcdcae6fcb832ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
227
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		140 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2249366226072b9c07%22%3A%22177369c437c672237248%7C300x250%2C160x600%2C300x600%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDS.A%22%2C%224945e40289d9450c%22%3A%22dcc4cd9596e80d497120%7C300x250%2C160x600%2C300x600%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDS.A%22%2C%22495cb1eebe6f97e5%22%3A%22d23fc2fbe929165f22f9%7C300x250%2C160x600%2C300x600%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDS.A%22%7D&ref=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&s=6fcea49c-342c-4f45-98f6-cab48cd4c739&pv=5e6775f4-d417-4aba-9700-5e2bb8c85b78&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
a278daa12674de83cab5e91a656f4f81eb87daceddf8908dcdc477d3adc31e81
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
165
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 24 Dec 2021 16:46:03 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://betweenusparents.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
prebid
prebid.media.net/rtb/ 		1 KB
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8acbba15e34bab4737ea966169ba0614ed3769ef453a9b36d0a06e70a1b60416

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
5d95ca9a637a2535a28c93edb01079706fb32f90412de13eb0d191eea3fe46b6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:04 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
51a5b4a4-e30c-481b-872c-d41d9ff178a7
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		38 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225078bdbdb60b2a29%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%225081396a779bc245%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225092dff296b6432a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242368%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225102c99f425e0ca1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242369%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ccbaf076fc7332638a5062d1eef76753cb6bac8c8cc5a641a9037d3dc9c0189c

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.238.82.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
http://betweenusparents.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
38
x-ak-client-geo
12
expires
Fri, 24 Dec 2021 16:46:04 GMT
bid
ap.lijit.com/rtb/ 		95 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b3b228fefa0268a34d7a606be22240d48600e19ea3d19f0550a3e0b31a4e3a7c

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
hb
ssc.33across.com/api/v1/ 		67 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aLqHwesbSr6PvgaKlId8sQ
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
cdd20838f1fb6ff8b258ef6b23d0cb5826d6de6255868cf9fbd25492992dc817

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_300x250&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
9f266a9def0f19fb353c85c8b89513b53731c2fd85f652683f6be72c32a810d8

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
server
ATS/9.1.0.33
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_300x600&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
c369b1eba8cc4965a8b212c38aaf449d108772d24186d799a225b8310e0c28bc

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_160x600&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
71b76a7ea95ef6c061ab4674fd6728c8bfe47071f65b8d97465f4a2889487a9d

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-32a5fa29-1a57-4acf-a34b-30a7c00a16fe%22%2C%22callback_id%22%3A%22522e738592de968%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B160%2C600%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222656731526720332007%22%7D%5D&page_url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&bust=1640364363915&pr=&scrd=1&dnt=false&description=Finding%20presents%20can%20be%20a%20ton%20of%20fun%20with%20a%20festive%20scavenger%20hunt%20around%20the%20house.%20To%20make%20it%20easy%2C%20here%20are%2046%20printable%20Christmas%20scavenger%20hunt%20clues.&title=70%20Printable%20Christmas%20scavenger%20hunt%20clues%20-%20Between%20Us%20Parents&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.120.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-120-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
arj
bloggernetwork-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a9f77b77-6b9b-44df-ae6c-1044ebfa2420&nocache=1640364363916&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&aus=300x250%2C160x600%2C300x600&divids=mmt-32a5fa29-1a57-4acf-a34b-30a7c00a16fe&aucs=&auid=539935965
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
1e74c0447e97c86622071e7ef01ce35bc75128e1fa54dc00f5e425ae363e306b

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid_display
display.bfmio.com/ 		138 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.34.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-34-198.compute-1.amazonaws.com
Software
/
Resource Hash
355cd3d464ea2217f653d13f22f2ea61c9cb68d5b00c62dd7bd3803bf66a27fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
147
imp
g2.gumgum.com/hbid/ 		438 B
981 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=99726&pi=3&bf=300x250%2C160x600%2C300x600&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ns=10240
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
22f555d989081e31d8279fce275b539ca0d1cef361b6904e39d87b5c50944d02

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		438 B
979 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=99728&pi=3&bf=300x250%2C160x600%2C300x600&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ns=10240
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d676df2c266efb4ff774923f352ca0eb4c993ae1c436e51a4eaae9d9b1ad5b8d

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		438 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=99729&pi=3&bf=300x250%2C160x600%2C300x600&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ns=10240
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4390b5d6e98f71a29c41b67a527d293397ab70f357092b72aba765aa3d137814

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
cf-ray
6c2b4dba8a2d694f-FRA
access-control-allow-headers
Content-Type, Origin
mmt.gif
imps.monu.delivery/ 		37 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=b.r&u=ace2d8fa-93df-4fb2-9393-0dd03589a1f7&d=%7B%22utm%22%3Anull%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:36:06 GMT
Age
597
X-GUploader-UploadID
ADPycdt5yAZN4dutoHCkuQg2iln4jY84jM4CFzLcDC8vaor5PD30ObSEC6OxcOxbx-HnJoWqBK9cguxoolOwkQzCxbX_Xya9Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:36:06 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame BD43
Redirect Chain
  • http://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol
H2
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Date
Fri, 24 Dec 2021 16:46:04 GMT
X-Content-Type-Options
nosniff
Server
cafe
Content-Type
text/html; charset=UTF-8
Location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Cache-Control
private
Content-Length
0
X-XSS-Protection
0
4184810587824334659
tpc.googlesyndication.com/simgad/ Frame BD43 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4184810587824334659?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qks1IixPwVzdqFiuoV0Gn11fTqKxQ
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63ccbbaaef458ee36201750bbac267cfc7f4e62babfd4d7698d8bd5bb64857d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 17:16:08 GMT
x-content-type-options
nosniff
age
257395
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46871
x-xss-protection
0
last-modified
Tue, 12 Oct 2021 14:45:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 21 Dec 2022 17:16:08 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BD43 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
25465
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 25 Dec 2021 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BD43 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
24778
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 25 Dec 2021 09:53:05 GMT
liveView.php
live.primis.tech/live/ Frame 4E37 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=105365&schain=1.0,1!monumetric.com,ace2d8fa-93df-4fb2-9393-0dd03589a1f7,1&cbuster=1640364363&pubUrlAuto=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105365&schain=1.0,1!monumetric.com,ace2d8fa-93df-4fb2-9393-0dd03589a1f7,1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e5e325f5823e73a6aa5d08ff2d47cb72e7414bdd9a61c52ef9857d92a86860db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=457746276947931&bg=!NzSlNHDNAAZKWFskSlg7ACkAdvg8WpepInrXMLbA7eDjqPIVjftAjgKF2z0Uohuogc9LoJ2mvxpoNgIAAADLUgAAACNoAQeZAuIM68dbB6r9Ce7CQzFGkY-2yvyUQJOmqB7X6Py1TDtOyxwH8q316CwlIlTbDkvAz4S9fjY4E7AcE5xTR-wr7EPivOggjSVBvPCc9WK31D5ouY5TwbvjoQJc0MH4WY_Y5zD7J17J-XDLfWoc84Da15TFn2IFlhwP0yMpUqLcDB51NDRm5_RbPap_DsYsoLNOaHTXzvsjDomTGZlSLNKYcnpEuMTaRrH6iygmGhHeld4NCa1e-ZHUI4cv5vy57UIQNVyT31wbMa94Pg4efK6iECaXAybcmaKlSDyZ-FNjH5vuz-8oTw5i2MTN0hbUTRqqOuWdPeeESVRRKoyPiNXy08Vs-wgucaxaN35kF7I9gypmGi8DrIQqBzZESbZh4ufezyDp0oBOmEgL5JsED9o1UdPjRvdR9ZxZqag8cIBYDLh69cwcF8P_IveAr9oNKoENXeYqHrBpj9gJicyXcmG7rHTWkcEpQHy1UnMmtiHkqjEHMbKT2OB3IXYvtA3UsrGjfEUtQEjg3VsjFun-7PmWjhs_NTNhOashq-jaP2091tk_3byE3gWbWBWZNxQ4fAiD3zbZ5cHSuC6kBHC_Ske3kNdWra_rWo1zR1DV4Pg2eQpCWI1PnExy1u3ZJNfedfhnzjZ2J5s3SCtiJ4PgeYptUq_sCpKDr_udie_H6uU2MMRN4hTHZlNIZ7ry541aMYZpAasVbgRVgHoiViEtzjGK1w__hrwp2z2vw6P-VPCPJcRV5SwccLRdmQ9qPyRcxUgC9bra21VOekFC7ju60T6_Gt60j28bpCjbQO9UhW3rErg6irpdwxGj7jCrfr5E-XrkjE9VGROaweCbGUL90M7oIwq_xgC3xOfhYCgVcnwDsIj61EEiRhhfAaeVX4RgguCF8YRolXcW1cMIGATKM9FHYKkXTCy-7p6eh2KgZi_R1J95Aur5saaC0gyZ2rcj8Jc6AQ1c2jYx1GD5vBlBG2qOac4fb3E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F74F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 24 Dec 2021 16:46:03 GMT
expires
Sat, 24 Dec 2022 16:46:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
services
g2.gumgum.com/zones/99726/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/zones/99726/services?dp=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&pu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ogu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&rf=&r=3.86.1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.86.1%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10240&bf=a8b4c2376bc75b55cde4bdbe81fc264f418747b5&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1640364364034&to=0&vpii=false&vph=1200&vpw=1600&productIds=1%2C5
Requested by
Host: js.gumgum.com
URL: http://js.gumgum.com/services.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:04 GMT
access-control-allow-credentials
true
server
nginx
timing-allow-origin
*
etag
"0d41d8cd98f00b204e9800998ecf8427e"
p3p
CP="This is not a P3P policy"
mmt.gif
imps.monu.delivery/ 		37 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=b.r&u=89ba1aaa-6234-4046-a524-d4fc9eb26308&d=%7B%22utm%22%3Anull%7D
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:36:06 GMT
Age
598
X-GUploader-UploadID
ADPycdt5yAZN4dutoHCkuQg2iln4jY84jM4CFzLcDC8vaor5PD30ObSEC6OxcOxbx-HnJoWqBK9cguxoolOwkQzCxbX_Xya9Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:36:06 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=betweenusparents.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=betweenusparents.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=457746276947931&correlator=4316515259297384&output=ldjh&impl=fifs&eid=31060437%2C31060979%2C31063378%2C31061030%2C31061166%2C31063246&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20211224&iu_parts=20842576%3A22518826702%2CEML02M%2CEML02M-DDP.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=pos%3D1%26monu%3D728x90_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3D7b430283-8ae4-44fc-8b9b-bd761328e4a0%26monu_df%3D0.40%26safeframe%3Dtrue%26hb_size%3D728x90%26hb_adid%3D7229c869ca0c9ec1%26hb_bidder%3DappnexusAst%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3Debcfad04b893b1ef-22e8b2300fcd0030%3AT%3D1640364363%3AS%3DALNI_MZY7TxVvRPw8G05QBhUKuGSEGh9RA&bc=23&abxe=1&lmt=1640364364&dt=1640364364053&dlt=1640364360242&idt=976&frm=20&biw=1600&bih=1200&oid=2&adxs=260&adys=10630&adks=1687252209&ucis=d&ifi=13&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&vis=1&scr_x=0&scr_y=0&psz=720x29&msz=728x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8xQtXHL1rVLbtJWkFq0fZVWLEDIHjinIgEueH5lwTcxlUG7lK60UByGSX5my381eelVc72273RtHM_eFgvsQ&ga_vid=1792763845.1640364361&ga_sid=1640364363&ga_hid=1664650026&ga_fc=true&fws=0&ohw=0&btvi=13&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
eac2e4f903e4a523223cf7007a863eb7e90dc8e4d90e788537dca78952e5294a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8948
x-xss-protection
0
google-lineitem-id
87459936
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
62490708816
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		140 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%225396d29c28d41ee6%22%3A%22177369c437c672237248%7C300x250%2C160x600%2C300x600%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDS.B%22%2C%22540e3d50ee76e464%22%3A%22dcc4cd9596e80d497120%7C300x250%2C160x600%2C300x600%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDS.B%22%2C%225416f63b5c33e7dd%22%3A%22d23fc2fbe929165f22f9%7C300x250%2C160x600%2C300x600%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDS.B%22%7D&ref=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&s=5aed1404-fe7e-495f-a5ae-0b8579fe1a0e&pv=5e6775f4-d417-4aba-9700-5e2bb8c85b78&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
a3a929b533bc038ad387ba900a81dc1d747b9b3d740f83892828f77ce738c937
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:04 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
165
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 24 Dec 2021 16:46:03 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://betweenusparents.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
imp
g2.gumgum.com/hbid/ 		438 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=5b12059d-38d7-4f76-9a83-52687b88ce04&si=99726&pi=3&bf=300x250%2C160x600%2C300x600&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ns=10240
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4390b5d6e98f71a29c41b67a527d293397ab70f357092b72aba765aa3d137814

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		438 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=5b12059d-38d7-4f76-9a83-52687b88ce04&si=99728&pi=3&bf=300x250%2C160x600%2C300x600&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ns=10240
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4390b5d6e98f71a29c41b67a527d293397ab70f357092b72aba765aa3d137814

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		438 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=5b12059d-38d7-4f76-9a83-52687b88ce04&si=99729&pi=3&bf=300x250%2C160x600%2C300x600&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ns=10240
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4390b5d6e98f71a29c41b67a527d293397ab70f357092b72aba765aa3d137814

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b9e5c0ac714ba95a1af9a6c1bcf5ff348becb5c7a5b1f086b38f6ba74cb0b82f

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:04 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:04 GMT
access-control-allow-credentials
true
vary
Origin
arj
bloggernetwork-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e2204f9d-8e15-4a2e-8aa7-f14296ccc027&nocache=1640364364062&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&aus=300x250%2C160x600%2C300x600&divids=mmt-915ba5c6-fd09-40f8-962a-3672add0e2d4&aucs=&auid=539935965
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
f5d46cae1aa86dfd4e7be14ac5441ea7c96a61fb4312a6ec0f533a0fdc7ac8de

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid_display
display.bfmio.com/ 		138 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.34.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-34-198.compute-1.amazonaws.com
Software
/
Resource Hash
39bf6ae2c1fe2edcb6328191c1285714813de2010c65498c31ce6011ae0ca826
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
146
bid
ap.lijit.com/rtb/ 		94 B
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
c12506f406a41aed9677c5db2ec682de384c089037cf99d72eb4119dedf8e517

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:04 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
hb
ssc.33across.com/api/v1/ 		67 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aLqHwesbSr6PvgaKlId8sQ
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
cac5004f75f0d4b0862640dfc70df06eb594678703848416c4ff54a781d6914a

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
v1
dmx.districtm.io/b/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
cf-ray
6c2b4dbb6c21694f-FRA
access-control-allow-headers
Content-Type, Origin
cygnus
htlb.casalemedia.com/ 		38 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22571fec0bcaabaf62%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%225722ff3abdf7941f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2257398aa289332aee%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242368%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225744b6d1bf869867%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242369%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c767b952411b2de227dcbf0c0b1ded42daaef23d5a5fd05532509c2225ce641f

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.238.82.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
http://betweenusparents.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
38
x-ak-client-geo
12
expires
Fri, 24 Dec 2021 16:46:04 GMT
prebid
ib.adnxs.com/ut/v3/ 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
39c5929986ae95bf9bf917f879ac0cb89570f9280bc30ea0cda6f3ba3f987159
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:04 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d600f307-cbb5-407e-930e-c52955782dcc
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-915ba5c6-fd09-40f8-962a-3672add0e2d4%22%2C%22callback_id%22%3A%2257898df5a8172e4b%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B160%2C600%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222656731526720332007%22%7D%5D&page_url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&bust=1640364364066&pr=&scrd=1&dnt=false&description=Finding%20presents%20can%20be%20a%20ton%20of%20fun%20with%20a%20festive%20scavenger%20hunt%20around%20the%20house.%20To%20make%20it%20easy%2C%20here%20are%2046%20printable%20Christmas%20scavenger%20hunt%20clues.&title=70%20Printable%20Christmas%20scavenger%20hunt%20clues%20-%20Between%20Us%20Parents&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.120.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-120-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_300x250&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
2dbdcfc8f68aee1155a4b9db2811001378b0e65de4d0303a12a83c110d1d9414

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_300x600&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
da1265a4dcba7501cb548ed91e9ec150af9554b3f14de4f5719d06c4b4c40215

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_160x600&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
edebc841926cfe0907fdd4e4b3996ed4951cd5b00c2a6e7c5182050fb10b861c

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
ads
securepubads.g.doubleclick.net/gampad/ 		422 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=457746276947931&correlator=2955869552768077&output=ldjh&impl=fifs&eid=31060437%2C31060979%2C31063378%2C31061030%2C31061166%2C31063246&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20211224&iu_parts=20842576%3A22518826702%2CEML02M%2CEML02M-DDL.M&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C320x50&prev_scp=Flight%3D1%26monu%3D300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3Dac295df1-e4c2-4e21-a1d8-1aafda0c5c54%26monu_df%3D0.03%26safeframe%3Dtrue%26hb_size%3D320x50%26hb_adid%3D72069209d3da16e2%26hb_bidder%3Dix%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D2cff029cd41ecf0a-22d9f8990ecd00c4%3AT%3D1640364363%3AS%3DALNI_Mao2P7EaT-cYqHgmB_DdsR3IFB-1A&bc=23&abxe=1&lmt=1640364364&dt=1640364364121&dlt=1640364360242&idt=976&frm=20&biw=1600&bih=1200&oid=2&adxs=470&adys=8743&adks=2728476332&ucis=e&ifi=14&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&vis=1&scr_x=0&scr_y=0&psz=720x29&msz=300x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8xQtXHL1rVLbtJWkFq0fZVWLEDIHjinIgEueH5lwTcxlUG7lK60UByGSX5my381eelVc72273RtHM_eFgvsQ%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1792763845.1640364361&ga_sid=1640364363&ga_hid=1664650026&ga_fc=true&fws=0&ohw=0&btvi=14&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
3c81291fb7455862c7cbff12df735c3d3c189ab0ab48ae7a3bae7a2b85141a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
229
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1656 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 24 Dec 2021 16:46:03 GMT
expires
Sat, 24 Dec 2022 16:46:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mmt.gif
imps.monu.delivery/ 		37 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=b.r&u=32a5fa29-1a57-4acf-a34b-30a7c00a16fe&d=%7B%22utm%22%3Anull%7D
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:36:06 GMT
Age
598
X-GUploader-UploadID
ADPycdt5yAZN4dutoHCkuQg2iln4jY84jM4CFzLcDC8vaor5PD30ObSEC6OxcOxbx-HnJoWqBK9cguxoolOwkQzCxbX_Xya9Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:36:06 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=457746276947931&correlator=3554151345019122&output=ldjh&impl=fifs&eid=31060437%2C31060979%2C31063378%2C31061030%2C31061166%2C31063246&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20211224&iu_parts=20842576%3A22518826702%2CEML02M%2CEML02M-DDS.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&prev_scp=pos%3D1%26monu%3D300x250-160x600-300x600_A1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3D7cc16481-2a1b-44e1-a4db-57696ba4266d%26monu_df%3D0.40%26safeframe%3Dtrue%26hb_size%3D300x250%26hb_adid%3D7246024fd3971287%26hb_bidder%3DappnexusAst%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3Dd1824c8a8a4d6968-22aa16270fcd00b7%3AT%3D1640364363%3AS%3DALNI_MaBD8UJwzSzMN8u6H_Dq03WB_22MA&bc=23&abxe=1&lmt=1640364364&dt=1640364364165&dlt=1640364360242&idt=976&frm=20&biw=1600&bih=1200&oid=2&adxs=1040&adys=918&adks=276319871&ucis=f&ifi=15&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&vis=1&scr_x=0&scr_y=0&psz=300x29&msz=300x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8xQtXHL1rVLbtJWkFq0fZVWLEDIHjinIgEueH5lwTcxlUG7lK60UByGSX5my381eelVc72273RtHM_eFgvsQ%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1792763845.1640364361&ga_sid=1640364363&ga_hid=1664650026&ga_fc=true&fws=4&ohw=300&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a74e6b08be43d979f719d60ffeca980eecdfc4b0a41c38e8a2632d5be1bac03e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8968
x-xss-protection
0
google-lineitem-id
87459936
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
62490707376
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
ap.lijit.com/rtb/ 		95 B
752 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
7b6e002cd935be25fca31e427aca7bf4db21c1f9a96496ae4e1bedbebd0d2e59

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:04 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
prebid
prebid.media.net/rtb/ 		1 KB
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
845477e7b0a7a71f2a6727f1500e6323cb178ae2c7c2b9e387b81760602d4362

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
arj
bloggernetwork-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=35a83a88-7a1b-48ed-b37e-9759bcfde098&nocache=1640364364168&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&aus=300x250%2C160x600%2C300x600&divids=mmt-8509026b-3ca1-470f-9472-1ce3ec32f668&aucs=&auid=539935965
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
8b9d1bca8c323d5b5374882731c304332a8bb2dc31d792a8e9a27ee62458c8a5

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 24 Dec 2021 16:46:03 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://betweenusparents.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
imp
g2.gumgum.com/hbid/ 		438 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=5b12059d-38d7-4f76-9a83-52687b88ce04&si=99726&pi=3&bf=300x250%2C160x600%2C300x600&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ns=10240
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4390b5d6e98f71a29c41b67a527d293397ab70f357092b72aba765aa3d137814

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		438 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=5b12059d-38d7-4f76-9a83-52687b88ce04&si=99728&pi=3&bf=300x250%2C160x600%2C300x600&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ns=10240
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4390b5d6e98f71a29c41b67a527d293397ab70f357092b72aba765aa3d137814

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		438 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=5b12059d-38d7-4f76-9a83-52687b88ce04&si=99729&pi=3&bf=300x250%2C160x600%2C300x600&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ns=10240
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4390b5d6e98f71a29c41b67a527d293397ab70f357092b72aba765aa3d137814

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
prebid_display
display.bfmio.com/ 		138 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.34.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-34-198.compute-1.amazonaws.com
Software
/
Resource Hash
3c3404ef68f8d1603eeddc5ae702de9cb74dc3d3c5c194f04bfaaa13089e1f65
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
146
cygnus
htlb.casalemedia.com/ 		38 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22606b0707f6ebcaec%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22607ce18ab895bb41%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2260880808bfdd0c03%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242369%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2260962522a59945a8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242368%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e33de8aba372cff7bc881ae5f384f097ca6ed770b68befe358ea1fc0361d76d3

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.238.82.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
http://betweenusparents.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
38
x-ak-client-geo
12
expires
Fri, 24 Dec 2021 16:46:04 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_300x250&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7e9cdd2e2a904a131ae701fdf0200111c5e0b46454c3091596789032481f34d2

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_160x600&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
69b4b250d33b0860a1f082614b027421bec0c6058a2f0e9ca684407ee0591d00

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_300x600&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
11624b408a26fc5bea30f65994392989dc97fec4c2fad3d3e8bac50af6e6deac

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
cf-ray
6c2b4dbc1d91694f-FRA
access-control-allow-headers
Content-Type, Origin
prebid
ib.adnxs.com/ut/v3/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b1a93bf2b33e4d3478aa607391941539ea26bd2ff63aea0bf4982df05b086baa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:04 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cd26a1e9-6a34-4317-81c1-3ca1e58a22ca
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ 		67 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aLqHwesbSr6PvgaKlId8sQ
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
cb8f7e46c65ce909baf597a773c85ad48bd7a3ff34c707a503ecfa14fd506b5b

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
trinity.json
apex.go.sonobi.com/ 		140 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22621d2835ccf99588%22%3A%22177369c437c672237248%7C300x250%2C160x600%2C300x600%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDT.C%22%2C%226225b2eab4e9ca9f%22%3A%22dcc4cd9596e80d497120%7C300x250%2C160x600%2C300x600%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDT.C%22%2C%22623e2deced6e6fb2%22%3A%22d23fc2fbe929165f22f9%7C300x250%2C160x600%2C300x600%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDT.C%22%7D&ref=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&s=b86aadab-6d35-4f5c-9917-cb4bae7684b8&pv=5e6775f4-d417-4aba-9700-5e2bb8c85b78&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
bdc89899be795c6eb99046f44bd35909c1214c2d828f7a4e6609db4026780fa1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:04 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
165
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-8509026b-3ca1-470f-9472-1ce3ec32f668%22%2C%22callback_id%22%3A%226255fc509d35e07f%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B160%2C600%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222656731526720332007%22%7D%5D&page_url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&bust=1640364364180&pr=&scrd=1&dnt=false&description=Finding%20presents%20can%20be%20a%20ton%20of%20fun%20with%20a%20festive%20scavenger%20hunt%20around%20the%20house.%20To%20make%20it%20easy%2C%20here%20are%2046%20printable%20Christmas%20scavenger%20hunt%20clues.&title=70%20Printable%20Christmas%20scavenger%20hunt%20clues%20-%20Between%20Us%20Parents&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.120.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-120-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame 4E37 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105365&schain=1.0,1!monumetric.com,ace2d8fa-93df-4fb2-9393-0dd03589a1f7,1&cbuster=1640364363&pubUrlAuto=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
etag
W/"5e441350-4be0"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Sat, 24 Dec 2022 16:46:03 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 4E37 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105365&schain=1.0,1!monumetric.com,ace2d8fa-93df-4fb2-9393-0dd03589a1f7,1&cbuster=1640364363&pubUrlAuto=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-228f"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Sat, 24 Dec 2022 16:46:03 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 4E37 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105365&schain=1.0,1!monumetric.com,ace2d8fa-93df-4fb2-9393-0dd03589a1f7,1&cbuster=1640364363&pubUrlAuto=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-1ef8"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Sat, 24 Dec 2022 16:46:03 GMT
hls.0.12.4_2.min.js
live.primis.tech/content/video/hls/ Frame 4E37 		256 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105365&schain=1.0,1!monumetric.com,ace2d8fa-93df-4fb2-9393-0dd03589a1f7,1&cbuster=1640364363&pubUrlAuto=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 08:36:05 GMT
server
nginx
etag
W/"5f34fb75-3ff27"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Sat, 24 Dec 2022 16:46:03 GMT
prebidVid.5.18.0_6.min.js
live.primis.tech/content/prebid/ Frame 4E37 		482 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105365&schain=1.0,1!monumetric.com,ace2d8fa-93df-4fb2-9393-0dd03589a1f7,1&cbuster=1640364363&pubUrlAuto=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
6a6c28a2bae4339f212ecd19e178a40e02a8f5cc7e40203633d6981353a0c6af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 12:28:43 GMT
server
nginx
etag
W/"619b8cfb-7892b"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Sat, 24 Dec 2022 16:46:04 GMT
liveVideo.php
live.primis.tech/live/ Frame 4E37 		621 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31322D32345F31387D7B7331353234323238367D7B4335377D7B53596D56306432566C626E567A634746795A5735306379356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593430307D7B66317D7B4C383839377DFEFE&userIpAddr=91.238.82.155&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.93+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=15&c2pWaitTime=0&isSinglePageFloatSupport=0&csuuid=61c5f94c02e18&debugInfo=15242286_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15242286&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed22a2zoxpviku&secondaryContent=&x=690&y=400&pubUrl=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=1&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=8897&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=betweenusparents.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105365&schain=1.0,1!monumetric.com,ace2d8fa-93df-4fb2-9393-0dd03589a1f7,1&cbuster=1640364363&pubUrlAuto=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
22626479c38c845a4cf3ad476133c34ff496d2c94e72f201be28c904347f2fd1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 24 Dec 2021 16:46:04 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://betweenusparents.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
bid
ap.lijit.com/rtb/ 		95 B
752 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
37d60574228245e6373bd4655dc187316bbe21d8490b719ac4c929d8cb9de66d

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:04 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
trinity.json
apex.go.sonobi.com/ 		96 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%226342cd5538e2c765%22%3A%224038e93c4d4c13bc38d7%7C728x90%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDA.B%22%7D&ref=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&s=fc0ff3c5-4c90-4f59-afb0-06631dce7c40&pv=5e6775f4-d417-4aba-9700-5e2bb8c85b78&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
f38bd40b9ea64f940710182569d53f35789e953c832156f4a4de95e238e6f1c4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:04 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
121
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
imp
g2.gumgum.com/hbid/ 		476 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=5b12059d-38d7-4f76-9a83-52687b88ce04&t=2eb060aa&pi=2&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ns=10240
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
67354a3f9a9e2a313f420d83cb30882d5ba4189c9d0f33adf265dc03f75c5ce7

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
cf-ray
6c2b4dbc6e10694f-FRA
access-control-allow-headers
Content-Type, Origin
prebid
prebid.media.net/rtb/ 		1 KB
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d66c6469025699e50a22a7e32f94a395d26fdb5d539fb859611f22c8fd00a6fb

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid_display
display.bfmio.com/ 		138 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.34.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-34-198.compute-1.amazonaws.com
Software
/
Resource Hash
c737bbdffc6cd9d60ce00408376f91d1191883b9363ee55faf8c8d23d4957dc8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
146
hb
ssc.33across.com/api/v1/ 		67 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aLqHwesbSr6PvgaKlId8sQ
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
c2e120be308cba4e8e6b19b319499ac913447d5e17bbcf7b5c738eadefa4f6ab

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-b32dabe8-4103-456f-b88e-67c123cd18ca%22%2C%22callback_id%22%3A%22646c059633dc897c%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222656731526720332007%22%7D%5D&page_url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&bust=1640364364226&pr=&scrd=1&dnt=false&description=Finding%20presents%20can%20be%20a%20ton%20of%20fun%20with%20a%20festive%20scavenger%20hunt%20around%20the%20house.%20To%20make%20it%20easy%2C%20here%20are%2046%20printable%20Christmas%20scavenger%20hunt%20clues.&title=70%20Printable%20Christmas%20scavenger%20hunt%20clues%20-%20Between%20Us%20Parents&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.120.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-120-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
arj
bloggernetwork-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a6ba5a3a-9f32-48b9-aead-bc04fad87005&nocache=1640364364226&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&aus=728x90&divids=mmt-b32dabe8-4103-456f-b88e-67c123cd18ca&aucs=&auid=539935965
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
57558c6f8aa03c0dada7b51fda84bad11e5613adfc9c149b62a751a8c3ecb999

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		38 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201336&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22649658d48c160b98%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22650d97b9304d997b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201336%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a005c1ff0128fc658e07021b7500e84f325672fbe4609097d12e7ffb93dacdbf

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.238.82.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
http://betweenusparents.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
38
x-ak-client-geo
12
expires
Fri, 24 Dec 2021 16:46:04 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_728x90&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
a40c136fa81abe6e9476e23b94707864d74dec22ff5a89f845a526dbc7b63074

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
prebid
ib.adnxs.com/ut/v3/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
13bed15444422153b6c1e43fac73effc9295d3eb29fb2ae6326f87ca02f9b44b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:04 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ad1ed9f2-5c8b-42ba-84ed-a1011a85abed
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F74F 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 20:53:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157925
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 22 Dec 2022 20:53:59 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame F74F 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
34265
x-jsd-version
1.13.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19135-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6c2b4dbcfe8d695e-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F74F 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 24 Dec 2021 16:46:04 GMT
pixel
protected-by.clarium.io/ Frame F74F 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0L2FwcG5leHVzQXN0OjMyMHg1MA==&v=5&s=v31fnmlbkg3&id=eyJkZnAiOnsiYWQiOjM5MDYyNDk2LCJjIjo2MjQ5MDcwODMzNiwibCI6ODc0NTk5MzYsIm8iOjIwMzk2NDkzNiwiQSI6Ii8yMDg0MjU3NiwyMjUxODgyNjcwMi9FTUwwMk0vRU1MMDJNLURETC5HIiwieSI6MCwiY28iOjAsInMiOiJtbXQtYmlhY2RzaWQtZjJpYy1qaXRiLWttaWwtaWN0b2FtdHR0aHRjLjcifX0%3D&sb=undefined&cb=4498067&h=betweenusparents.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEwyRndjRzVsZUhWelFYTjBPak15TUhnMU1BPT0iLCJ3ZCI6eyJrLmhiX2JpZGRlciI6ImFwcG5leHVzQXN0Iiwiay5oYl9zaXplIjoiMzIweDUwIn0sIndyIjo0MH0=
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.117.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-117-129.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:04 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_300x250&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
a82ec4524bfee833eb193ef4ddf6553d662db74a605c5220e5734e83681af493

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f4da97c0b6d&pos=betweenusparents.com_desktop_atf_160x600&cmd=bid&req=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&req(url)=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
bea32d7c8d521f5288bb3b66d031e6ca9d753d5a912bb3166602157fb3bfa65c

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
content-length
62
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		95 B
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
dd3ee983636a0da00feb7add7fde35e10561104b091c725d4a8fa56c5379bd41

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:04 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
ib.adnxs.com/ut/v3/ 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e8bed6cecdc801eb6ff79c85b80d205fc06d7923050c456ce0af0ce4ca081797
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:04 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6e2450f4-a90a-4469-9956-479345b3c0a9
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-813357c3-33b0-40df-9dac-e49181d13297%22%2C%22callback_id%22%3A%22668eff202fb28c31%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222656731526720332007%22%7D%5D&page_url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&bust=1640364364309&pr=&scrd=1&dnt=false&description=Finding%20presents%20can%20be%20a%20ton%20of%20fun%20with%20a%20festive%20scavenger%20hunt%20around%20the%20house.%20To%20make%20it%20easy%2C%20here%20are%2046%20printable%20Christmas%20scavenger%20hunt%20clues.&title=70%20Printable%20Christmas%20scavenger%20hunt%20clues%20-%20Between%20Us%20Parents&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.120.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-120-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
hb
ssc.33across.com/api/v1/ 		67 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aLqHwesbSr6PvgaKlId8sQ
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
9418cc4ca2584494c85065ff0bd5bf5ab4d32353975b6acf3a795991dd46cb79

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid_display
display.bfmio.com/ 		138 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.34.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-34-198.compute-1.amazonaws.com
Software
/
Resource Hash
5aaaae2f48ace39a7a0146956234a0cc37a26677d229006d5f17d1c34b404176
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding, User-Agent
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
145
imp
g2.gumgum.com/hbid/ 		438 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=5b12059d-38d7-4f76-9a83-52687b88ce04&si=99726&pi=3&bf=300x250%2C160x600&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ns=10240
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4390b5d6e98f71a29c41b67a527d293397ab70f357092b72aba765aa3d137814

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		438 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=5b12059d-38d7-4f76-9a83-52687b88ce04&si=99728&pi=3&bf=300x250%2C160x600&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ns=10240
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4390b5d6e98f71a29c41b67a527d293397ab70f357092b72aba765aa3d137814

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 24 Dec 2021 16:46:04 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://betweenusparents.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
trinity.json
apex.go.sonobi.com/ 		117 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22679a1175430de18b%22%3A%22177369c437c672237248%7C300x250%2C160x600%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDR.A%22%2C%2268062030291511f%22%3A%22dcc4cd9596e80d497120%7C300x250%2C160x600%7Cgpid%3D%2F20842576%2C22518826702%2FEML02M%2FEML02M-DDR.A%22%7D&ref=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&s=38f28d8e-4f7c-4a44-821c-7b7593d80db2&pv=5e6775f4-d417-4aba-9700-5e2bb8c85b78&vp=desktop&lib_name=prebid&lib_v=4.43.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
1d5da30c6223fdee5615e3a744a1e510ebf0f3a88860073d42eec18487b3a8a1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:04 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://betweenusparents.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
142
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
v1
dmx.districtm.io/b/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
cf-ray
6c2b4dbcff22694f-FRA
access-control-allow-headers
Content-Type, Origin
cygnus
htlb.casalemedia.com/ 		37 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22683c360e906939a%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22ace2d8fa-93df-4fb2-9393-0dd03589a1f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2268414cb70d265f6b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2268570276b4f19329%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242369%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
300513b006bdcac7a03ab8a7f35b31d2e48d1425db6a5c0dd9449ad5f91c4ca4

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[91.238.82.155], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
http://betweenusparents.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Fri, 24 Dec 2021 16:46:04 GMT
prebid
prebid.media.net/rtb/ 		1 KB
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
18928d9c25235f8ef57b517f57ab98184a51c0ffdeb7fb79f1f6bdc8507058d2

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
arj
bloggernetwork-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bloggernetwork-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=35a98ab5-30ba-4696-a150-ba15909688f6&nocache=1640364364314&pubcid=39a780df-6e0c-4562-962f-26b231a1ee51&schain=1.0%2C1!monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1%2C%2C%2C&aus=300x250%2C160x600&divids=mmt-813357c3-33b0-40df-9dac-e49181d13297&aucs=&auid=539935965
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
9f287771fa942efe6f1945f2534c1cd49fc7cbd801d626bce7b3fd2258d79406

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://betweenusparents.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
mmt.gif
imps.monu.delivery/ 		37 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=b.r&u=8509026b-3ca1-470f-9472-1ce3ec32f668&d=%7B%22utm%22%3Anull%7D
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:36:06 GMT
Age
598
X-GUploader-UploadID
ADPycdt5yAZN4dutoHCkuQg2iln4jY84jM4CFzLcDC8vaor5PD30ObSEC6OxcOxbx-HnJoWqBK9cguxoolOwkQzCxbX_Xya9Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:36:06 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=betweenusparents.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=betweenusparents.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		78 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=457746276947931&correlator=4381312876378214&output=ldjh&impl=fifs&eid=31060437%2C31060979%2C31063378%2C31061030%2C31061166%2C31063246&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20211224&iu_parts=20842576%3A22518826702%2CEML02M%2CEML02M-DDT.C&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&prev_scp=pos%3D3%26monu%3D300x250-160x600-300x600_B3%26directDeals%3Dsticky_sidebar%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3D76a964de-8256-4904-a658-8103c732fcaa%26monu_df%3D0.00%26safeframe%3Dtrue%26hb_size%3D300x250%26hb_adid%3D72899a90f01277e1%26hb_bidder%3DappnexusAst%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D05e967ccba839738%3AT%3D1640364363%3AS%3DALNI_MaghmT8fvIZTcbc77umZ4sT5SNoBg&bc=23&abxe=1&lmt=1640364364&dt=1640364364338&dlt=1640364360242&idt=976&frm=20&biw=1600&bih=1200&oid=2&adxs=1040&adys=3043&adks=3689856459&ucis=g&ifi=16&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&vis=1&scr_x=0&scr_y=0&psz=300x29&msz=300x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8xQtXHL1rVLbtJWkFq0fZVWLEDIHjinIgEueH5lwTcxlUG7lK60UByGSX5my381eelVc72273RtHM_eFgvsQ%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1792763845.1640364361&ga_sid=1640364363&ga_hid=1664650026&ga_fc=true&fws=4&ohw=300&btvi=15&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a0d4d04ec02dfd8db90e759968d78ffb3c440f8e32201f0e036996ab7c3d765d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32908
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2613259223491829695/ Frame F93D 		2 KB
893 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2613259223491829695/index.html
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c288085eed1269e213db44c857785da69dcff137cd941d12985b310ced1d6c4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
content-length
863
date
Wed, 22 Dec 2021 10:16:10 GMT
expires
Thu, 22 Dec 2022 10:16:10 GMT
last-modified
Tue, 02 Nov 2021 17:08:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
196194
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 1656 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZonqS_nFYbqnL46RrATA852YC_yRl_xlqJeI_IkP6cWSvo4qEAEg2NXYK2C7BqABxuzRtQHIAQmpAte-2cfNgLY-4AIAqAMByAMIqgSuAk_Q2K83N3PihvsdKW3SY7_i1OGKiUWZmRn0bHDRnM_C6aAUOn6sRqUKTcL3FeZgLzEP8cqMpFjAUzNIEjquD509_CqkXqHlRgAIjuArhZfBUunx1hw5xVu40AOAlxTZkfGPrKy_rfKklLVe1jrPmnkVpXjoXGuLuIgji9SvPitpOyT-Q-V3jv04OBrXDCjTEN5ZjZheA1dOvllAn5MovZmtDIWrR1RW5teHVR0Zlg0em1_Umzfi-mRybDmDQfyTgxgXbkTkju3KhBnmirKjsBuHYfUe2REyvp0XAL1EEli0n96QlyyzXuDnbiUA2EQbjGM_l2otpcjUb-dn-1Aqyf8k7_XdIdvVvWDX1c5zUqrWLuk6xxGP6aTgnl17Tkuy2vEji-ztP5-j5IcIxjkYwAS6uOHp6gPgBAGgBi6AB6KTrsoCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ2JsJ0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi01OTE1MjU4NDAwMDk1NjU1gAoDyAsB2BMD0BUBgBcBshceChwIABIUcHViLTM5NDQ5NTQ4NjIzMTYyODMYmNsQ&sigh=o9ql2nSEWFs&uach_m=[UACH]&template_id=419
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 1656 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:42:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Jan 2022 16:42:17 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 1656 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Jan 2022 16:45:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1656 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 24 Dec 2021 16:46:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 1656 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Jan 2022 16:41:42 GMT
pixel
protected-by.clarium.io/ Frame 1656 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzAweDI1MA==&v=5&s=v31fnmlbkkg&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIyNTE4ODI2NzAyL0VNTDAyTS9FTUwwMk0tRERMLkkiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LWJpYWNkc2lkLWYyaWMtaml0Yi1rbWlsLWljdG9hbXR0dGh0Yy45In19&sb=undefined&cb=6386572&h=betweenusparents.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.117.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-117-129.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:04 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
container.html
822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 07FA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 24 Dec 2021 16:46:03 GMT
expires
Sat, 24 Dec 2022 16:46:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mmt.gif
imps.monu.delivery/ 		37 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=b.r&u=915ba5c6-fd09-40f8-962a-3672add0e2d4&d=%7B%22utm%22%3Anull%7D
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:36:06 GMT
Age
598
X-GUploader-UploadID
ADPycdt5yAZN4dutoHCkuQg2iln4jY84jM4CFzLcDC8vaor5PD30ObSEC6OxcOxbx-HnJoWqBK9cguxoolOwkQzCxbX_Xya9Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:36:06 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		79 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=457746276947931&correlator=1850501910954704&output=ldjh&impl=fifs&eid=31060437%2C31060979%2C31063378%2C31061030%2C31061166%2C31063246&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20211224&iu_parts=20842576%3A22518826702%2CEML02M%2CEML02M-DDS.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&prev_scp=pos%3D2%26monu%3D300x250-160x600-300x600_B2%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3D59aeee6d-fc6a-4950-a0e7-6339383822a0%26monu_df%3D0.03%26safeframe%3Dtrue%26hb_size%3D160x600%26hb_adid%3D7292b7be82c173e5%26hb_bidder%3DappnexusAst%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3Debcfad04b893b1ef%3AT%3D1640364363%3AS%3DALNI_MZLdFjIOcyFdRWJeaSkD78a6eXo-g&bc=23&abxe=1&lmt=1640364364&dt=1640364364483&dlt=1640364360242&idt=976&frm=20&biw=1600&bih=1200&oid=2&adxs=1040&adys=1952&adks=3058746685&ucis=h&ifi=17&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&vis=1&scr_x=0&scr_y=0&psz=300x29&msz=300x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8xQtXHL1rVLbtJWkFq0fZVWLEDIHjinIgEueH5lwTcxlUG7lK60UByGSX5my381eelVc72273RtHM_eFgvsQ%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_w_0nXcgG0OeA6LWRIbLo58gezEmxUCrVrL7E7rhQoL8FhfS_8NWODWwgInFgYQDHWcEq6dpPW5eu0jiQBQA&ga_vid=1792763845.1640364361&ga_sid=1640364363&ga_hid=1664650026&ga_fc=true&fws=4&ohw=300&btvi=16&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
2de99afedc23ea22e01d5c3e69bdf3e1406baa0ed873877279a44da3561335af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33334
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
mmt.gif
imps.monu.delivery/ 		37 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=b.r&u=b32dabe8-4103-456f-b88e-67c123cd18ca&d=%7B%22utm%22%3Anull%7D
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:36:06 GMT
Age
598
X-GUploader-UploadID
ADPycdt5yAZN4dutoHCkuQg2iln4jY84jM4CFzLcDC8vaor5PD30ObSEC6OxcOxbx-HnJoWqBK9cguxoolOwkQzCxbX_Xya9Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:36:06 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=457746276947931&correlator=158227579912295&output=ldjh&impl=fifs&eid=31060437%2C31060979%2C31063378%2C31061030%2C31061166%2C31063246&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20211224&iu_parts=20842576%3A22518826702%2CEML02M%2CEML02M-DDA.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=pos%3D2%26monu%3D728x90_A2%26directDeals%3Dsticky_bottom%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3D038debc3-8a48-47ee-999a-8bf200cc0ef0%26monu_df%3D0.12%26safeframe%3Dtrue%26hb_size%3D728x90%26hb_adid%3D73070da5695b8216%26hb_bidder%3DappnexusAst%26hard_adx_floor%3D0.18%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3Debcfad04b893b1ef%3AT%3D1640364363%3AS%3DALNI_MZLdFjIOcyFdRWJeaSkD78a6eXo-g&bc=23&abxe=1&lmt=1640364364&dt=1640364364489&dlt=1640364360242&idt=976&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1192&adks=413268650&ucis=i&ifi=18&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8xQtXHL1rVLbtJWkFq0fZVWLEDIHjinIgEueH5lwTcxlUG7lK60UByGSX5my381eelVc72273RtHM_eFgvsQ%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_w_0nXcgG0OeA6LWRIbLo58gezEmxUCrVrL7E7rhQoL8FhfS_8NWODWwgInFgYQDHWcEq6dpPW5eu0jiQBQA&ga_vid=1792763845.1640364361&ga_sid=1640364363&ga_hid=1664650026&ga_fc=true&fws=512&ohw=0&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
c50161ef39819d58bc2b53b4dc734e7cae2acdc1fea56debadabb6a851e53939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12438
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
mmt.gif
imps.monu.delivery/ 		37 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://imps.monu.delivery/mmt.gif?s=1a7e84d4-c2d3-4bba-90ab-997da950c905&a=b.r&u=813357c3-33b0-40df-9dac-e49181d13297&d=%7B%22utm%22%3Anull%7D
Protocol
HTTP/1.1
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:36:06 GMT
Age
598
X-GUploader-UploadID
ADPycdt5yAZN4dutoHCkuQg2iln4jY84jM4CFzLcDC8vaor5PD30ObSEC6OxcOxbx-HnJoWqBK9cguxoolOwkQzCxbX_Xya9Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
37
Last-Modified
Wed, 12 Jul 2017 09:13:19 GMT
Server
UploadServer
ETag
"455005e2f4b8ecc484500fab08619f70"
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation
1499850799559224
Cache-Control
public, max-age=3600
x-goog-stored-content-length
37
Accept-Ranges
bytes
Content-Type
image/gif
Expires
Fri, 24 Dec 2021 17:36:06 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=457746276947931&correlator=2426426685640950&output=ldjh&impl=fifs&eid=31060437%2C31060979%2C31063378%2C31061030%2C31061166%2C31063246&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20211224&iu_parts=20842576%3A22518826702%2CEML02M%2CEML02M-DDR.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600&prev_scp=pos%3D1%26monu%3D300x250-160x600_A1%26directDeals%3Dsticky_pillar%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26amznbid%3D2%26amznp%3D2%26tynt_pillar%3Dtrue%26tynt_id%3DbDR-SEhTGr67n_aKlId8sQ%26auction_id%3D8e6cc856-e721-4b75-80dd-039b3cba8594%26monu_df%3D0.40%26safeframe%3Dtrue%26hb_size%3D160x600%26hb_adid%3D731926307cf2aed1%26hb_bidder%3DappnexusAst%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D2cff029cd41ecf0a%3AT%3D1640364363%3AS%3DALNI_Mbmml0LFZF3TsNzm7QuHVNGaJujkg&bc=23&abxe=1&lmt=1640364364&dt=1640364364504&dlt=1640364360242&idt=976&frm=20&biw=1600&bih=1200&oid=2&adxs=-300&adys=1196&adks=3077978926&ucis=j&ifi=19&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8xQtXHL1rVLbtJWkFq0fZVWLEDIHjinIgEueH5lwTcxlUG7lK60UByGSX5my381eelVc72273RtHM_eFgvsQ%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_w_0nXcgG0OeA6LWRIbLo58gezEmxUCrVrL7E7rhQoL8FhfS_8NWODWwgInFgYQDHWcEq6dpPW5eu0jiQBQA&ga_vid=1792763845.1640364361&ga_sid=1640364363&ga_hid=1664650026&ga_fc=true&fws=512&ohw=0&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
1475908bdd082cec6ce68fc662609fdff916205ff566ded78cabfa2837d3fc01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9152
x-xss-protection
0
google-lineitem-id
5522573437
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138328293966
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
primisslate.css
live.primis.tech/content/video/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31322D32345F31387D7B7331353234323238367D7B4335377D7B53596D56306432566C626E567A634746795A5735306379356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593430307D7B66317D7B4C383839377DFEFE&userIpAddr=91.238.82.155&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.93+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=15&c2pWaitTime=0&isSinglePageFloatSupport=0&csuuid=61c5f94c02e18&debugInfo=15242286_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15242286&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed22a2zoxpviku&secondaryContent=&x=690&y=400&pubUrl=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=1&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=8897&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=betweenusparents.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
last-modified
Tue, 18 Aug 2020 10:07:25 GMT
server
nginx
etag
W/"5f3ba85d-45c8"
content-type
text/css
apstag.js
c.amazon-adsystem.com/aax2/ Frame 4E37 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31322D32345F31387D7B7331353234323238367D7B4335377D7B53596D56306432566C626E567A634746795A5735306379356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593430307D7B66317D7B4C383839377DFEFE&userIpAddr=91.238.82.155&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.93+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=15&c2pWaitTime=0&isSinglePageFloatSupport=0&csuuid=61c5f94c02e18&debugInfo=15242286_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15242286&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed22a2zoxpviku&secondaryContent=&x=690&y=400&pubUrl=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=1&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=8897&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=betweenusparents.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
KuXuY5mbG6yln5YsEdf9JaPJtFF6aIqm
content-encoding
gzip
etag
1e39d25f07f5619925357b752ab10d04
age
624
x-cache
Hit from cloudfront
server
Server
x-amz-rid
19ANMYHXGZ15S57FNP1K
date
Fri, 24 Dec 2021 16:35:40 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
BF-TT24UNxhvIE2nAcEzxo09wltENpy1ihBP4R84RLnUi03nMxvGgQ==
css
fonts.googleapis.com/ Frame 37C5 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 24 Dec 2021 16:22:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 24 Dec 2021 16:46:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Dec 2021 16:46:04 GMT
css
fonts.googleapis.com/ 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31322D32345F31387D7B7331353234323238367D7B4335377D7B53596D56306432566C626E567A634746795A5735306379356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593430307D7B66317D7B4C383839377DFEFE&userIpAddr=91.238.82.155&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.93+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=15&c2pWaitTime=0&isSinglePageFloatSupport=0&csuuid=61c5f94c02e18&debugInfo=15242286_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15242286&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed22a2zoxpviku&secondaryContent=&x=690&y=400&pubUrl=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=1&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=8897&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=betweenusparents.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 24 Dec 2021 15:42:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 24 Dec 2021 16:46:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Dec 2021 16:46:04 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0253 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61c5f94c02e18%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31322D32345F31387D7B7331353234323238367D7B4335377D7B53596D56306432566C626E567A634746795A5735306379356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593430307D7B66317D7B4C383839377DFEFE&userIpAddr=91.238.82.155&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.93+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=15&c2pWaitTime=0&isSinglePageFloatSupport=0&csuuid=61c5f94c02e18&debugInfo=15242286_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15242286&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed22a2zoxpviku&secondaryContent=&x=690&y=400&pubUrl=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=1&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=8897&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=betweenusparents.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=57745
expires
Sat, 25 Dec 2021 08:48:29 GMT
date
Fri, 24 Dec 2021 16:46:04 GMT
vary
Accept-Encoding
liveCS.php
live.primis.tech/live/ Frame 7C01
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61c5f94c02e18%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61c5f94c02e18%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61c5f94c02e18&pixel=&advId=94&advUuid=fc168277-64d8-11ec-8c61-1a404fd50206
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61c5f94c02e18&pixel=&advId=94&advUuid=fc168277-64d8-11ec-8c61-1a404fd50206
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31322D32345F31387D7B7331353234323238367D7B4335377D7B53596D56306432566C626E567A634746795A5735306379356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593430307D7B66317D7B4C383839377DFEFE&userIpAddr=91.238.82.155&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.93+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=15&c2pWaitTime=0&isSinglePageFloatSupport=0&csuuid=61c5f94c02e18&debugInfo=15242286_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15242286&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed22a2zoxpviku&secondaryContent=&x=690&y=400&pubUrl=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=1&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=8897&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=betweenusparents.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

server
nginx
date
Fri, 24 Dec 2021 16:46:03 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

Server
nginx
Date
Fri, 24 Dec 2021 16:46:04 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61c5f94c02e18&pixel=&advId=94&advUuid=fc168277-64d8-11ec-8c61-1a404fd50206
X-fe
65
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cm
u.openx.net/w/1.0/ Frame 5F2B 		43 B
131 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61c5f94c02e18%26pixel%3D%26advId%3D98%26advUuid%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31322D32345F31387D7B7331353234323238367D7B4335377D7B53596D56306432566C626E567A634746795A5735306379356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593430307D7B66317D7B4C383839377DFEFE&userIpAddr=91.238.82.155&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.93+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=15&c2pWaitTime=0&isSinglePageFloatSupport=0&csuuid=61c5f94c02e18&debugInfo=15242286_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15242286&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed22a2zoxpviku&secondaryContent=&x=690&y=400&pubUrl=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=1&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=8897&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=betweenusparents.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.0.0
pragma
no-cache
p3p
CP="CUR ADM OUR NOR STA NID"
expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Fri, 24 Dec 2021 16:46:04 GMT
content-type
text/html
content-length
56
content-encoding
gzip
cache-control
private, max-age=0, no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync.html
s.console.adtarget.com.tr/ Frame 27ED 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31322D32345F31387D7B7331353234323238367D7B4335377D7B53596D56306432566C626E567A634746795A5735306379356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593430307D7B66317D7B4C383839377DFEFE&userIpAddr=91.238.82.155&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.93+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=15&c2pWaitTime=0&isSinglePageFloatSupport=0&csuuid=61c5f94c02e18&debugInfo=15242286_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15242286&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed22a2zoxpviku&secondaryContent=&x=690&y=400&pubUrl=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=1&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=8897&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=betweenusparents.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
9a99b6941501fdd27cf1995b5a9420cfcb750edccaceddef7c8646426088b6aa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

Server
VertaMedia 1.0
Date
Fri, 24 Dec 2021 16:46:04 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
852
Access-Control-Allow-Origin
http://betweenusparents.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
liveView.php
live.primis.tech/live/ Frame 4E37 		74 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTxyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwt3ODYyMxZ2nWRyo181ZGQmOGVzYwI5YWU2ODE1MDI3MTx3JTJGqzyxNWY1ZzQmMWElYwtmYwM4MTM4NTx5Mv5gpDQzqzyxX2NioaRyoaRsnWQ9MTAjODI3NlZ2nWRsY29hqGVhqF9xZXNwPU1ioSgEZXNcZ25mK1NwYXZyozqypvgIqW50K1RiK1N1paBlnXNyK0RuqWqbqGVlplgXnXRbK05uqaxeUGyfo3QeRGFxJTI3plgIo21yY29gnW5aJaZcZF9wo250ZW50X3RcqGkyPU1ioSgEZXNcZ25mK1NwYXZyozqypvgIqW50K1RiK1N1paBlnXNyK0RuqWqbqGVlplgXnXRbK05uqaxeUGyfo3QeRGFxJTI3plgIo21yY29gnW5aJaZcZF9wo250ZW50X2R1pzF0nW9hPTM0MvZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTU1NvZ5PTMkMlZjqWJVpzj9nHR0pCUmQSUlRvUlRzJyqHqyZW51p3BupzVhqHMhY29gJTJGY2ulnXN0oWFmLXNwYXZyozqypv1bqW50LWNfqWVmJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmElRDMkMmIlRDMlMmQ1RwMkMmt3RDqCNmMmMTM1MmImNDMlMmImODM2N0Q3QwQmMmUmNmqEN0I1MmU5NxQ1NwMjNwQmMwU2NxM2MwZFNTY3QTYmNDp0Nwp5NUE1NmM1MmA2Mmp5MmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmxmMDqEN0I1OTM0MmAmMDqEN0I2NwMkN0Q3QwRDMmtmODM5Mmp3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUjLwEkODtzZ2ViTG9hZm04LwY4NDMzqXNypxyjQWRxpw05MS4lMmthODIhMTU1JaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxY5Nv4jLwQ2NwQhOTMeU2FzYXJcJTJGNTM3LwM2JaNwnGFcow0kLwAyMxMkJTIkoW9hqW1yqHJcYl5wo20yMxNuY2UlZDuzYS05M2RzLTRzYwIgOTM5Ml0jZGQjMmU4OWEkZwpyMxMkJaBfYXyypxFjnUyxPSZwp3V1nWQ9NwFwNWY5NGMjMzUkOCZwYaVmqGVlPTE2NDAmNwQmNwQ2MTEzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31322D32345F31387D7B7331353234323238367D7B4335377D7B53596D56306432566C626E567A634746795A5735306379356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593430307D7B66317D7B4C383839377DFEFE&userIpAddr=91.238.82.155&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.93+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=15&c2pWaitTime=0&isSinglePageFloatSupport=0&csuuid=61c5f94c02e18&debugInfo=15242286_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15242286&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed22a2zoxpviku&secondaryContent=&x=690&y=400&pubUrl=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=1&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=8897&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=betweenusparents.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5add136eafd18cc88a05d3ad7763e47691b43bfe0e8cf20fa49d01cbdfb0efba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
http://betweenusparents.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
8572
liveView.php
live.primis.tech/live/ Frame 4E37 		74 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTxyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwt3ODYyMxZ2nWRyo181ZGQmOGVzYwI5YWU2ODE1MDI3MTx3JTJGqzyxNWY1ZzQmMWElYwtmYwM4MTM4NTx5Mv5gpDQzqzyxX2NioaRyoaRsnWQ9MTAjODI3NlZ2nWRsY29hqGVhqF9xZXNwPU1ioSgEZXNcZ25mK1NwYXZyozqypvgIqW50K1RiK1N1paBlnXNyK0RuqWqbqGVlplgXnXRbK05uqaxeUGyfo3QeRGFxJTI3plgIo21yY29gnW5aJaZcZF9wo250ZW50X3RcqGkyPU1ioSgEZXNcZ25mK1NwYXZyozqypvgIqW50K1RiK1N1paBlnXNyK0RuqWqbqGVlplgXnXRbK05uqaxeUGyfo3QeRGFxJTI3plgIo21yY29gnW5aJaZcZF9wo250ZW50X2R1pzF0nW9hPTM0MvZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTQjMCZ5PTIlNSZjqWJVpzj9nHR0pCUmQSUlRvUlRzJyqHqyZW51p3BupzVhqHMhY29gJTJGY2ulnXN0oWFmLXNwYXZyozqypv1bqW50LWNfqWVmJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmElRDMkMmIlRDMlMmQ1RwMkMmt3RDqCNmMmMTM1MmImNDMlMmImODM2N0Q3QwQmMmUmNmqEN0I1MmU5NxQ1NwMjNwQmMwU2NxM2MwZFNTY3QTYmNDp0Nwp5NUE1NmM1MmA2Mmp5MmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmxmMDqEN0I1OTM0MmAmMDqEN0I2NwMkN0Q3QwRDMmtmODM5Mmp3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUjLwEkODtzZ2ViTG9hZm04LwY4NDMzqXNypxyjQWRxpw05MS4lMmthODIhMTU1JaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxY5Nv4jLwQ2NwQhOTMeU2FzYXJcJTJGNTM3LwM2JaNwnGFcow0kLwAyMxMkJTIkoW9hqW1yqHJcYl5wo20yMxNuY2UlZDuzYS05M2RzLTRzYwIgOTM5Ml0jZGQjMmU4OWEkZwpyMxMkJaBfYXyypxFjnUyxPSZwp3V1nWQ9NwFwNWY5NGMjMzUkOCZwYaVmqGVlPTE2NDAmNwQmNwQ2MTEzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31322D32345F31387D7B7331353234323238367D7B4335377D7B53596D56306432566C626E567A634746795A5735306379356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593430307D7B66317D7B4C383839377DFEFE&userIpAddr=91.238.82.155&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.93+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=15&c2pWaitTime=0&isSinglePageFloatSupport=0&csuuid=61c5f94c02e18&debugInfo=15242286_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15242286&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed22a2zoxpviku&secondaryContent=&x=690&y=400&pubUrl=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=1&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=8897&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=betweenusparents.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
b2dad57b4bbee0e3acf68a51d891eec1769bac308896552b379f61c64d4c6705

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
http://betweenusparents.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
8575
liveView.php
live.primis.tech/live/ Frame 4E37 		143 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTxyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwt3ODYyMxZ2nWRyo181ZGQmOGVzYwI5YWU2ODE1MDI3MTx3JTJGqzyxNWY1ZzQmMWElYwtmYwM4MTM4NTx5Mv5gpDQzqzyxX2NioaRyoaRsnWQ9MTAjODI3NlZ2nWRsY29hqGVhqF9xZXNwPU1ioSgEZXNcZ25mK1NwYXZyozqypvgIqW50K1RiK1N1paBlnXNyK0RuqWqbqGVlplgXnXRbK05uqaxeUGyfo3QeRGFxJTI3plgIo21yY29gnW5aJaZcZF9wo250ZW50X3RcqGkyPU1ioSgEZXNcZ25mK1NwYXZyozqypvgIqW50K1RiK1N1paBlnXNyK0RuqWqbqGVlplgXnXRbK05uqaxeUGyfo3QeRGFxJTI3plgIo21yY29gnW5aJaZcZF9wo250ZW50X2R1pzF0nW9hPTM0MvZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTU1NvZ5PTMkMlZjqWJVpzj9nHR0pCUmQSUlRvUlRzJyqHqyZW51p3BupzVhqHMhY29gJTJGY2ulnXN0oWFmLXNwYXZyozqypv1bqW50LWNfqWVmJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmElRDMkMmIlRDMlMmQ1RwMkMmt3RDqCNmMmMTM1MmImNDMlMmImODM2N0Q3QwQmMmUmNmqEN0I1MmU5NxQ1NwMjNwQmMwU2NxM2MwZFNTY3QTYmNDp0Nwp5NUE1NmM1MmA2Mmp5MmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmxmMDqEN0I1OTM0MmAmMDqEN0I2NwMkN0Q3QwRDMmtmODM5Mmp3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUjLwEkODtzZ2ViTG9hZm04LwY4NDMzqXNypxyjQWRxpw05MS4lMmthODIhMTU1JaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxY5Nv4jLwQ2NwQhOTMeU2FzYXJcJTJGNTM3LwM2JaNwnGFcow0kLwAyMxMkJTIkoW9hqW1yqHJcYl5wo20yMxNuY2UlZDuzYS05M2RzLTRzYwIgOTM5Ml0jZGQjMmU4OWEkZwpyMxMkJaBfYXyypxFjnUyxPSZwp3V1nWQ9NwFwNWY5NGMjMzUkOCZwYaVmqGVlPTE2NDAmNwQmNwQ2MTQzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31322D32345F31387D7B7331353234323238367D7B4335377D7B53596D56306432566C626E567A634746795A5735306379356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593430307D7B66317D7B4C383839377DFEFE&userIpAddr=91.238.82.155&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.93+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=15&c2pWaitTime=0&isSinglePageFloatSupport=0&csuuid=61c5f94c02e18&debugInfo=15242286_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15242286&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed22a2zoxpviku&secondaryContent=&x=690&y=400&pubUrl=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=1&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=8897&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=betweenusparents.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
596a663c0ed4e23df38c2a4bfa1bdd95602b793240e938d16c19603fcd7f7dcf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
http://betweenusparents.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
11812
chunklist_480.m3u8
video.primis.tech/uploads/cn19/video/users/hls/28786/video_5dd38efb29ae6815027197/vid5f5fd31a2b83b381385992.mp4/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn19/video/users/hls/28786/video_5dd38efb29ae6815027197/vid5f5fd31a2b83b381385992.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
9b07ac829b023f6a398f3793a1793fed5bf57e25771a810e5c0330db21be0267

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
1994
last-modified
Thu, 19 Aug 2021 10:14:23 GMT
server
Tengine
etag
"60d7d29bb386d0109153ad53dcc73ebc"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
ULvDbPE-gKAwAndlr6ZOdN2UliSNhpDpHNufk4LtfN5_Jn4hFsdgLw==
expires
Fri, 07 Jan 2022 16:46:04 GMT
vid5f5fd31a2b83b381385992_thumb.jpg
video.primis.tech/uploads/cn19/video/users/converted/28786/video_5dd38efb29ae6815027197/ Frame 37C5 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn19/video/users/converted/28786/video_5dd38efb29ae6815027197/vid5f5fd31a2b83b381385992_thumb.jpg?cbuster=1600115497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
d99d44ceba26e7cac0a527f245957aced4fdf46769e37e5e53a078703f8f0543

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Wed, 18 Aug 2021 17:51:51 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"3a2e347932800b97381d6a7086953bc0"
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 07 Jan 2022 16:46:04 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2203
x-amz-cf-id
Lpyle6aIQ7QoDiWHIpFHh53gNTx-MGk7PHhRx0v8BUKr2IuCGi28MQ==
x-proxy-cache
HIT
vid61b7db0f0b5a8510101543_thumb.jpg
video.primis.tech/uploads/cn5/video/users/converted/28243/video_5d5169d0c672c928090769/ Frame 37C5 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn5/video/users/converted/28243/video_5d5169d0c672c928090769/vid61b7db0f0b5a8510101543_thumb.jpg?cbuster=1639439842
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
ec579027d6cfa43ab97eb2cf809fd645bc8eeef265c18a7421c8b91d5653b0e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
via
1.1 7210fed509d8e341021bffe29c62787c.cloudfront.net (CloudFront)
last-modified
Mon, 13 Dec 2021 23:58:42 GMT
server
Tengine
x-amz-cf-pop
WAW50-C1
etag
"0b2dd0709b2c140022b44d9a37b7e766"
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 07 Jan 2022 16:46:04 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
3698
x-amz-cf-id
Uw8SwIkmMMVmIRs2aO6qEqJFSlrzEd7d-lkuBs6owe5j9LiboRBeGg==
x-proxy-cache
HIT
vid5ea017d6dade6422634366_thumb.jpg
video.primis.tech/uploads/cn17/video/users/converted/29187/video_5e60e18ca09e2772010808/ Frame 37C5 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn17/video/users/converted/29187/video_5e60e18ca09e2772010808/vid5ea017d6dade6422634366_thumb.jpg?cbuster=1603100178
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
59f2bb9aa5c090ee7b359a3314c042dfb6829c3ef5fcd02195349376506f724c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
via
1.1 8791078fc4adbfd0d41a1431725b690e.cloudfront.net (CloudFront)
last-modified
Wed, 18 Aug 2021 17:52:07 GMT
server
Tengine
x-amz-cf-pop
WAW50-C1
etag
"83f04530b22702f5f11290bca0706b05"
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 07 Jan 2022 16:46:04 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1934
x-amz-cf-id
DANUjr0WgVmjCJw3pDFc6htU-Kuk-WOaLn1IZoVfy9XILNbrYRZ5RA==
x-proxy-cache
HIT
vid61b382cb4acfd548745990_thumb.jpg
video.primis.tech/uploads/cn1/video/users/converted/28588/video_60f1775aec08f104251371/ Frame 37C5 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/28588/video_60f1775aec08f104251371/vid61b382cb4acfd548745990_thumb.jpg?cbuster=1639155482
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
7fd048575f58233cb45f9dbc59f420e878cbdbe7edd530b1c8bc33763dadbdd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
via
1.1 bcfde77e1326fd9531586693834730c1.cloudfront.net (CloudFront)
last-modified
Fri, 10 Dec 2021 16:58:02 GMT
server
Tengine
x-amz-cf-pop
WAW50-C1
etag
"f99abe764b5ef2e53ba405f7e58671ae"
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 07 Jan 2022 16:46:04 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
3664
x-amz-cf-id
UoAHbBJUb3Q-LuJNRmnHVNQ3oPJJFWdMeaJaXGxrgcal6mcAdrRSRw==
x-proxy-cache
HIT
vid61c23eb93254b017297607_thumb.jpg
video.primis.tech/uploads/cn12/video/users/converted/24485/video_5c07da0dbca38732888483/ Frame 37C5 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn12/video/users/converted/24485/video_5c07da0dbca38732888483/vid61c23eb93254b017297607_thumb.jpg?cbuster=1640119996
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
5ff2ac6c5126e32d34a2117fcf90583ea4465bccd96027f7df9cf41bbd4dd827

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
last-modified
Tue, 21 Dec 2021 20:53:51 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"f9f8837b11f1fd67595bd350c66553f9"
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 07 Jan 2022 16:46:04 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2804
x-amz-cf-id
PREZjyyACvbFo5BQaj66OS1soDLmtBEsort0w-qvmbAgRbWuL6Xjdw==
x-proxy-cache
HIT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY0MDM2NDM2NCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA1MmY1JaN0YT0jJat9NwxjJax9NDAjJaZcZF9jYXNmRG9gYWyhPWJyqHqyZW51p3BupzVhqHMhY29gJaN1YxyxPWJyqHqyZW51p3BupzVhqHMhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMTJEMmEmMwJEMmImNDVGMmEmODqEN0I3MmMkMmUmMwM0MmImMwM4MmY3RDqCNDMmNTM3N0Q3QwUmNTx2RDU2MmA2NDMlNTY2QmYlNxU1NwqBNwM0NmQ2Nmx1QTU3MmUmMDYmNmxmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmOTMjN0Q3QwU5MmQmMDMjN0Q3QwY2MmE3RDqCNEMmODM4MmxmNmqERxVGRSZxnWFcZD0zqXNypxyjQWRxpw05MS4lMmthODIhMTU1JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwx2LwAhNDY2NC45MlUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwFwNWY5NGMjMzUkOCZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwQjMmY0MmY0NwA2JaVcZD1TZWgcozRiU1BfYXyypwYkYmVzOTRwMmZwODxzpHVvVXJfPWu0qHAyM0EyMxYyMxZvZXR3ZWVhqXNjYXJyoaRmLzNioSUlRzNbpzymqG1upl1mY2F2ZW5aZXIgnHVhqC1woHVyplUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
sync
x.bidswitch.net/ Frame 4E37 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.95.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-95-55.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame 4E37
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61c5f94c02e18%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61c5f94c02e18&pixel=&advId=93&advUuid=a78a1cc0-2346-40ab-895f-16ca1f5b0b78
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61c5f94c02e18&pixel=&advId=93&advUuid=a78a1cc0-2346-40ab-895f-16ca1f5b0b78
Protocol
H2
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61c5f94c02e18&pixel=&advId=93&advUuid=a78a1cc0-2346-40ab-895f-16ca1f5b0b78
date
Fri, 24 Dec 2021 16:46:04 GMT
server
_
content-length
0
liveCS.php
live.primis.tech/live/ Frame 4E37
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61c5f94c02e18%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61c5f94c02e18%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61c5f94c02e18&pixel=&advId=99&advUuid=YcX5THQKXxJ536xCqZoe6gAABL0AAAIB
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61c5f94c02e18&pixel=&advId=99&advUuid=YcX5THQKXxJ536xCqZoe6gAABL0AAAIB
Protocol
H2
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61c5f94c02e18&pixel=&advId=99&advUuid=YcX5THQKXxJ536xCqZoe6gAABL0AAAIB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Fri, 24 Dec 2021 16:46:04 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 4E37 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame 4E37
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61c5f94c02e18%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61c5f94c02e18&pixel=&advId=105&advUuid=8808822811383001847
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61c5f94c02e18&pixel=&advId=105&advUuid=8808822811383001847
Protocol
H2
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:03 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:04 GMT
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0dee5db6-22bc-4562-b7ec-2406dfd62066
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61c5f94c02e18&pixel=&advId=105&advUuid=8808822811383001847
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vid5f5fd31a2b83b381385992.jpg
video.primis.tech/uploads/cn19/video/users/converted/28786/video_5dd38efb29ae6815027197/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn19/video/users/converted/28786/video_5dd38efb29ae6815027197/vid5f5fd31a2b83b381385992.jpg?cbuster=1600115497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
8c265259bcadc1dd148f82197683f2b1a8e6c52cea11b6fea8c8103482a51341

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
via
1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified
Wed, 18 Aug 2021 17:51:51 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"4d2a122c43c7efecc9dd07e163e8b85e"
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 07 Jan 2022 16:46:04 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
16858
x-amz-cf-id
_qg5-RQHGYx1tkNmGlOoUFigSaemNBZTSjxM0WdEE7ijlb0EjZ9Zwg==
x-proxy-cache
HIT
container.html
822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4A4E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 24 Dec 2021 16:46:03 GMT
expires
Sat, 24 Dec 2022 16:46:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame F74F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSf_QTrZ1vQbrTQNOz1i7ClfgNjODUwVLUWXSutXsX0F1f24IDKO5o9tPkIKxljnDaJY9rsuQBcisznDAQJI57KOK7nBefvMSAQDGEml2fnbbDg6GhvbcaRuUrJV1BX8YpxZFtIK9Ukgmb81Z3WSo4W-y47xL-jPfHUMFCPebIWv2I6k5a1foKb7r0BIAJMl2LZy4nnSl7JVIE_5pjlONwq-vrUQsWs8RRKOdQ-21aYZ9bFDWX2v21pSleaHfjp_M3M-k6tyjbrv_pHa1MdklFrsHqF5uHtNpGlBUMBq83k5eOsYYlAMQAMu8XFUnTBZMUgWP2z3E&sai=AMfl-YRGSlGey5f2502Swzy8PuqIZPMz7zwNOWypHkrd3Gwuqbc3KJdP4OMxYMmDJpbdTeSqjF36z8pnC2iCCaAEmo56tIylNXmH8HM1QxvyJsg9U-zVOgmzDP89unv85SM0&sig=Cg0ArKJSzJI4rjQbxE5GEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame F74F 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90b9fd568f8bc1ec18d18cc03b478a658e73a1f5d654122a18699035c878ecca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame F74F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEggJk9UxLhVD2ggQ-A-ztdJ1kcSzhNNIXnI9wjaI1OAScIfCDpjAiBfriAGMp27xnFOFxPSAnPq0XcfIY9Qxv4ZgL0dMccayp3CAR2cqOim0pxddm-JX3TkugZYVSCUhPrIiXEd5FW2gUryAQkVez991yWq-u2mAK3dsuA_A-cymU8nxmMQ-LNaXqmtjwbIl_g7o9nbAVrv0t5QxoxzaFTe0yR4LJaWXaAfMZEA05KhRfd1oXhg-NapE17sqejpFdtnYf6FSzjARAh1GLbNxjjThF15k-eflSLVJ1BqcC_PkC9aKVVLcfp9ZeXCCRmcqpOCv-s8J5QQ&sai=AMfl-YQShW9Kf1nvZnDkpyirypPMJt9wL5s88DsjmpHk6DOHDhtLHWpxNIXka8kfL6jsf6WQwgMg9BhBwC2TB-AZ8mc7uSE6kh7qZmZDwnd-ZPGZOUCaR5bCnyX9J0Ll6PK9&sig=Cg0ArKJSzDu11pql2c1fEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 24 Dec 2021 16:46:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://betweenusparents.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 13:39:48 GMT
x-content-type-options
nosniff
age
11176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 24 Dec 2022 13:39:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 37C5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://betweenusparents.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 13:39:48 GMT
x-content-type-options
nosniff
age
11176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 24 Dec 2022 13:39:48 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame F93D 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2613259223491829695/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 13:42:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 25 Dec 2021 13:42:50 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F93D 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2613259223491829695/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 14:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8638
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 25 Dec 2021 14:22:06 GMT
lottie.min.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2613259223491829695/ Frame F93D 		256 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2613259223491829695/lottie.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2613259223491829695/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e27b9cf011c3d5b006906bed6b2b64fbf0b82b2d4821f21dfdf00291c8c07be
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
142568
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65920
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 17:08:08 GMT
server
sffe
date
Thu, 23 Dec 2021 01:09:56 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 23 Dec 2022 01:09:56 GMT
container.html
822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0193 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 24 Dec 2021 16:46:03 GMT
expires
Sat, 24 Dec 2022 16:46:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame 426A 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 24 Dec 2021 16:02:22 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2622
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
vid5f5fd31a2b83b381385992.jpg
video.primis.tech/uploads/cn19/video/users/converted/28786/video_5dd38efb29ae6815027197/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn19/video/users/converted/28786/video_5dd38efb29ae6815027197/vid5f5fd31a2b83b381385992.jpg?cbuster=1600115497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
8c265259bcadc1dd148f82197683f2b1a8e6c52cea11b6fea8c8103482a51341

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
via
1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
last-modified
Wed, 18 Aug 2021 17:51:51 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"4d2a122c43c7efecc9dd07e163e8b85e"
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 07 Jan 2022 16:46:04 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
16858
x-amz-cf-id
_qg5-RQHGYx1tkNmGlOoUFigSaemNBZTSjxM0WdEE7ijlb0EjZ9Zwg==
x-proxy-cache
HIT
bsredirect5.js
rtbcdn.doubleverify.com/ Frame 0829 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_934144046439
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1f932f6b67da2b8fd660807f4ba5945669d07d155c284c4544ab4c6ecd2adaf0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Dec 2021 06:23:11 GMT
Server
Microsoft-IIS/10.0
ETag
"b4e1f13fcebd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
843
durly.js
c.evidon.com/ Frame 0829 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=320;ad_h=50
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c87c4841f4afb812f6bc2e0a62d85acf0e7ecb6648e3b84cb5e5a0b9175b0081

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 17:57:06 GMT
server
AkamaiNetStorage
etag
"2e88e116bb481bc9bd516a8102b1364c:1637085426.387863"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
accept-ranges
bytes
access-control-allow-headers
*
content-length
1604
tfav_adl_68.js
j.adlooxtracking.com/ads/js/ Frame 0829 		64 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.59.24.120 , France, ASN16276 (OVH, FR),
Reverse DNS
js02.adlooxtracking.com
Software
nginx/1.15.8 /
Resource Hash
2ebd8f4b206d3cc70d859e3b0c7dfb47e21f79b0d925a50a94353334e8c72e5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:04 GMT
Last-Modified
Tue, 14 Dec 2021 10:09:54 GMT
Server
nginx/1.15.8
ETag
"61b86d72-ffba"
Content-Type
application/javascript
Cache-Control
no-cache, max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65466
px
go.affec.tv/ Frame 0829
Redirect Chain
  • https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=6577755767712387454&tag_id=13079169&creative_id=328611590&creative_size=320x50&reserve_price=0&price_paid=0.68931&bid_price=0.68931&ecp=4.5...
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D61c5f94dda342e000138806a%26chc%3Daf%26floc%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx
  • https://map.go.affec.tv/map/an/8808822811383001847?ch=61c5f94dda342e000138806a&chc=af&floc=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
  • https://go.affec.tv/px
43 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.affec.tv/px
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
54.217.255.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-255-32.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4842e7f28ce31b8044560bb63762638d957dae394c1b18b24808a2d459886d4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:06 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
//go.affec.tv/px
Date
Fri, 24 Dec 2021 16:46:06 GMT
Content-Encoding
gzip
Connection
keep-alive
Content-Length
71
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
trk.js
cdn.adnxs.com/v/s/222/ Frame 0829 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/222/trk.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7b6fc69a9da277bb118dbe07973e75598ff107f8d5c69aec6a3e0f5e6884603a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:04 GMT
Content-Encoding
gzip
Age
885859
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29209
X-Served-By
cache-lga21973-LGA, cache-fra19165-FRA
Access-Control-Allow-Origin
*, *
Last-Modified
Tue, 14 Dec 2021 10:40:55 GMT
Server
AkamaiNetStorage
X-Timer
S1640364365.868022,VS0,VE0
ETag
"27a82a9a755fe85e7882d2ba1e990a11:1639478455.565772"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Wed, 14 Dec 2022 10:41:45 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
2, 2083235
it
ams1-ib.adnxs.com/ Frame 0829 		0
803 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=http%253A%252F%252Fbetweenusparents.com%252Fchristmas-scavenger-hunt-clues%252F&e=wqT_3QKIDvBMCAcAAAMA1gAFAQjL8peOBhD-opiO08C4pFsY9-XdjtC1zp96KjYJyshZ2NMO5j8RhWBGks_k2T8ZAAAAgOtREkAhhWBGks_k2T8pysgJJNAxAAAAQOF69D8wgaWeBjimFkDRB0gCUIbu2JwBWJjTW2AAaPqJM3j7-AKAAQGKAQNVU0SSAQEG8FWYAcACoAEyqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKWAXVmKCdhJywgMzY3MTk3MSwgMTY0MDM2NDM2Myk7dWYoJ2knLCA2MjI0MTAwLCAxNjYdACxnJywgMTU2MTYxMjhGOwAscycsIDI2NTY1NTU3Sh8AAHIBdxwyODYxMTU5MDY-APC2kgLlBSF3NVJTUVFpVW1vRVlFSWJ1Mkp3QkdBQWdtTk5iTUFBNEFFQUFTTkVIVUlHbG5nWllBR0RQQm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkN5UnFoOTE0NERfQkFXSW11bGpPRHVZX3lRRUFBQUFBQUFEd1A5a0JFMG4wTW9ybDV6X2dBZVR4LXdMMUFRQUFBRUNZQWdDZ0FnRzFBZ0FBQUFDOUFnATnwgURBQWdESUFnRFFBZ0RZQWdEZ0F0dlgyUjNvQXU3LWxJNEc4Z0lEYzJJeC1BSUFnQU1CbUFNQm9nTVRDTnZYMlIwUUNCZ0FMZWpHZ3o0eUEzTmlNYUlERXdqYjE5a2RFQWtZQUMzb3hvTS1NZ056WWpHaUF3NEl4SlNWR2hBTEdBSXQBhvBpQUxvRENVRk5VekU2TkRRd01lQURteTJBQlAyUm9BZUlCT3VndmdlUUJBR1lCQUd5QkFvSTBQVG5DUkNPMVlRTnNnUUtDSnZwdEF3UWp0V0VEYm9FR2dpZUNSR2FtWm1abVpuSlB4a0FBQQVuMEFBQ0NiNmJRTXdRU2EVIAg4a0UNHiRBQUFEWUJBRHhCAQsNAURnZ1VjQ0xETUpSQUNHQUlpQUMdUAxERXpNBQJkUERQNGdGc1NLUUJieU5UNWdGbXFyV2Zxa0YNRxhBOEQteEJREQ4QQUF3UVUVDQRRTS4oAARfUi4oAAAyDSjIM1hqUVAtQUZ3NW9FOEFXQWtia0gtQVdqai1BQmdnWURSMEpRaUFZQWtBWUJtQVlBb1FZGWAgS2dHQkxJR0pBHbwAQh33BEJrFSwEQUMdGEBMZ0dDZy4umgLBASEtUno5Qj7pAihKalRXeUFBS0FBeBVCCEVBNjLVAUBVQ2JMVWtUU2ZReWl1WG5QMR1hAEYdeQRHRzmVADIdGABIHTAUSGdBZ2dFmpEBAGs1yPD9OEQ4LtgC9RDgAsTNHuoCO2h0dHA6Ly9iZXR3ZWVudXNwYXJlbnRzLmNvbS9jaHJpc3RtYXMtc2NhdmVuZ2VyLWh1bnQtY2x1ZXMvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDw76SAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA05MS4yMzguODIuMTU1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDTk3NyNBTVMxOjQ0MDHaBAIIAeAEAfAEhu7YnAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAABELDYBQHgBQHwBSf6BQQIABAAkAYAmAYAogYOMjg1NCNBTVMxOjQxNzO4BgDBBgABMSwA8D_QBuUC2gYWChAFEB0BWBAAGADgBgHyBnIIvI1PEmxNQklCTmswQQLYREFBa0NCUUVJdGRIMEJ4RFI2dGdDR0lyMmlnTWdCeWdBUUtQUGpnZEloZFcxQjFDYkxWak5JSDrjAZXgDEFBQUmtIEhKb0JBZ2dBgAcBiAcAoAcBugcPAclMGAAgADAAOL0GQADIB_v4AtIHDQkJqwQuQAGoCNoHBgknROAHAOoHAggA8Af_4gKKCAIQAA..&s=aa03bb4b5ab28896bb013e0f5fa233c0ef5d379a
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:04 GMT
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cbaadf1a-b277-4531-8950-3e7b41261d8f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame 835C 		189 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
359911
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Mon, 20 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 20 Dec 2022 12:47:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 835C 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
359911
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Mon, 20 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 20 Dec 2022 12:47:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 835C 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
359911
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Mon, 20 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 20 Dec 2022 12:47:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 835C 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
359911
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Mon, 20 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 20 Dec 2022 12:47:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 835C 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
359911
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Mon, 20 Dec 2021 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f02165e023e70703"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 20 Dec 2022 12:47:33 GMT
css
fonts.googleapis.com/ Frame 835C 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 24 Dec 2021 16:05:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 24 Dec 2021 16:46:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Dec 2021 16:46:04 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 835C 		295 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
24779
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 25 Dec 2021 09:53:05 GMT
pixel
protected-by.clarium.io/ 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31fnmlbl1r&sb=-1&h=betweenusparents.com&cb=5872413&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.117.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-117-129.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:04 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 835C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 04:31:35 GMT
x-content-type-options
nosniff
server
cafe
age
44069
etag
11660698925711390587
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2471
x-xss-protection
0
expires
Sat, 25 Dec 2021 04:31:35 GMT
l
www.google.com/ads/measurement/ Frame 835C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaQr9TfYWIU2_jucMYthIfMEtyXG0C_NOrBogscpLW9lCKnORoE00kddJ1fOMAZg40SvCOhJTccWwY_mdSk3YiAo4hb4Hw
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 835C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CEUdITPnFYcmpII343gOC463QDsWCx7JmpuPrkfMOwI23ARABINjV2CtguwagAfu9nZUByAEB4AIAqAMBqgSYAk_QzOxvzqqqY-pagAFWfxMFs95PFri6WhCw885Su4l-UKPBx28a6oAUlkHtY18POgtzWbGMTuxhfT4yNxmP6vPkb4TbaP2fKa6ajoeh7naqieeoLAVa6DcYa0DzPa_wYi8bdukweDq_CG3IXWLV91H_5xvh4RKozZ1Rxhix_HFZ7xkh6FCuBEWdhMFIbtfNJ7cIbbJUrKighQdKg-vGWoCkOd9Rp-t5s501TaSt6zbwUKnjseEcu1FZ-1ZU-PBL7EUNZX2TrW4P_rO9S3wZfKkwoLgUzza4yZX-AQ1Jenn6SSIYhN5dlX1Us3YlJTP4zQCS9NjLMOaTXSFDZAMSDFN2O0SWUQsJGA4Bm5UEOY_vQ04eLniOjEHABOjwsaLiA-AEAZIFBAgEGAGSBQQIBRgEgAftweLqAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEIiGC9IICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNTkxNTI1ODQwMDA5NTY1NYAKA8gLAdgTCogUA9AVAZgWAYAXAbIXHgocCAASFHB1Yi0zOTQ0OTU0ODYyMzE2MjgzGJjbEA&sigh=3SENs42RlYM&uach_m=[UACH]&template_id=5001&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
w_480_00000.ts
video.primis.tech/uploads/cn19/video/users/hls/28786/video_5dd38efb29ae6815027197/vid5f5fd31a2b83b381385992.mp4/ 		454 KB
455 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn19/video/users/hls/28786/video_5dd38efb29ae6815027197/vid5f5fd31a2b83b381385992.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
b555e4162955083ccdb00bbf92c05852809427f27c1a1cfe60a68f871f3c5df1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
via
1.1 63c9a084de27504ef34be3673921d01e.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
content-length
464924
last-modified
Thu, 19 Aug 2021 10:14:25 GMT
server
Tengine
etag
"ddb941458bcbb6ff659645262346cb76"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
wIJIsgyit2mgrixDaKlpjNjtecBR76G_cxQ9XY8qsWCeMb1RjKgDOw==
expires
Fri, 07 Jan 2022 16:46:04 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 4E37 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
33401
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 22 Dec 2021 01:41:37 GMT
server
AmazonS3
date
Fri, 24 Dec 2021 07:29:24 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
_vnJxyP34eB_IcA5yF0go_L0pBRF8LsETrv8AXM6LDH1kUTxZ40lBQ==
truncated
/ Frame 1656 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53611d5c9362d927ccfefc1376f6f0035118615743a471861c102fc991aa2070

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 07FA 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 20:53:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157925
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 22 Dec 2022 20:53:59 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 07FA 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
34265
x-jsd-version
1.13.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19135-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6c2b4dc12cd06961-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 07FA 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 24 Dec 2021 16:46:04 GMT
pixel
protected-by.clarium.io/ Frame 07FA 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0L2FwcG5leHVzQXN0OjcyOHg5MA==&v=5&s=v31fnmlbl59&id=eyJkZnAiOnsiYWQiOjM5MDYyNDk2LCJjIjo2MjQ5MDcwODgxNiwibCI6ODc0NTk5MzYsIm8iOjIwMzk2NDkzNiwiQSI6Ii8yMDg0MjU3NiwyMjUxODgyNjcwMi9FTUwwMk0vRU1MMDJNLUREUC5BIiwieSI6MCwiY28iOjAsInMiOiJtbXQtODliYTFhYWEtNjIzNC00MDQ2LWE1MjQtZDRmYzllYjI2MzA4In19&sb=undefined&cb=9283918&h=betweenusparents.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEwyRndjRzVsZUhWelFYTjBPamN5T0hnNU1BPT0iLCJ3ZCI6eyJrLmhiX2JpZGRlciI6ImFwcG5leHVzQXN0Iiwiay5oYl9zaXplIjoiNzI4eDkwIn0sIndyIjo0MH0=
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.117.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-117-129.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:04 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B9C6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWn7Bhlp983TOLwPLizH6r4ZLMpxFTznShVitvW4sPVhbaew1917H9ar-OWAyk6ZzMXpkv5b4Lf3yFf9OBYX2FqL1Gv4MN_3OBwdFmgkZUIx6Zqc-xAhRMZ_CgOmBgJ1FNKDlJQBxHlKP3YL_fi2ifU-prB_FbgOzRuQ2vUj8_2km3UP6uxFcMYLvWdvcSCQoXZLcy4SjS2Jv2i2gnUx8NSQUzHSDPfDfSeV4HS-w2vMTMjC9mkwmw8tS5bueq0LRAzplQU8fPC8jubb-hIyFM_XVma4Zb5zEIu6UCitSvb78dVdmKX4gsdbyGgQeGPXQO65nqYQxi&sig=Cg0ArKJSzASgS72CIjfgEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame B9C6 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
34266
x-jsd-version
1.13.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19135-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6c2b4dc14d186961-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B9C6 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 24 Dec 2021 16:46:05 GMT
pixel
protected-by.clarium.io/ Frame B9C6 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0L2FwcG5leHVzQXN0OjE2MHg2MDA=&v=5&s=v31fnmlbl6a&id=eyJkZnAiOnsiYWQiOjM5MDYyNDk2LCJjIjoxMzgzMjgyOTM5NjYsImwiOjU1MjI1NzM0MzcsIm8iOjI3NjkzODA4NjAsIkEiOiIvMjA4NDI1NzYsMjI1MTg4MjY3MDIvRU1MMDJNL0VNTDAyTS1ERFIuQSIsInkiOjAsImNvIjowLCJzIjoibW10LTgxMzM1N2MzLTMzYjAtNDBkZi05ZGFjLWU0OTE4MWQxMzI5NyJ9fQ%3D%3D&sb=undefined&cb=2236445&h=betweenusparents.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEwyRndjRzVsZUhWelFYTjBPakUyTUhnMk1EQT0iLCJ3ZCI6eyJrLmhiX2JpZGRlciI6ImFwcG5leHVzQXN0Iiwiay5oYl9zaXplIjoiMTYweDYwMCJ9LCJ3ciI6NDB9
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.117.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-117-129.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:05 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://betweenusparents.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 24 Dec 2021 16:46:05 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
http://betweenusparents.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
pragma
no-cache
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
liveInternalSsp.php
live.primis.tech/live/ Frame 4E37 		25 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22data%22%3A%22%5C%22JTqCJTIlqzVlJTIlJTNBJTIlqzVlXmEhNSUlMvUlQlUlMz1coxJcZCUlMvUmQTAyMxMyMwJvqXc6ZXIyMwIyM0EyN0IyMwJwo3VhqCUlMvUmQTAyMxMyMwJ0nXRfZUkyovUlMvUmQTEjMCUlQlUlMapyMwIyM0ElMDAyMxMyMwJbJTIlJTNBMTYjJTqEJTJDJTIlq2yxqGtyMwIyM0E1NTYyMxMyMwJbZWyanHQyMwIyM0EmMTMyMxMyMwJmpGFwZUyxJTIlJTNBJTIlNTtjNTpyMwIyMxMyMwJmpGFwZVR5pGUyMwIyM0EyMwJ2YXN0JTIlJTJDJTIlqzyxZW9QoGFwZW1yoaRUrXByJTIlJTNBMSUlQlUlMzyjJTIlJTNBJTIlOTEhMwM4LwtlLwE1NSUlMvUlQlUlMzqyo0yxJTIlJTNBNTpyMxMyMwJuoHBbYTJHZW8yMwIyM0EyMwJERSUlMvUlQlUlMzRyqzywZXR5pGUyMwIyM0ElJTJDJTIlqHu0RGV2nWNyqHyjZSUlMvUmQSUlMzRyp2g0o3AyMwIyMxMyMwJvpz93p2VlJTIlJTNBJTIlY2ulo21yJTIlJTJDJTIlo3MyMwIyM0EyMwJXnW5xo3qmJTIlJTJDJTIlqHu0T3MyMwIyM0EyMwJ3nW5xo3qmJTIlJTJDJTIlZGV2nWNyTW9xZWjyMwIyM0EyMwIyMwIyMxMyMwJip1ZypaNco24yMwIyM0EyMwIkMC4jJTIlJTJDJTIlZGV2nWNyTWFhqWZuY3R1pzVlJTIlJTNBJTIlJTIlJTJDJTIlZGV2nWNyQ29xZU5uoWUyMwIyM0EyMwIyMwIyMxMyMwJ1p2VlQWqyoaQyMwIyM0EyMwJNo3ccoGkuJTJGNS4jJTIjKFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolxyMwBDnHJioWUyMxY5Nv4jLwQ2NwQhOTMyMwBTYWZupzxyMxY1MmphMmYyMwIyMxMyMwJfYXQyMwIyM0EyMwI1MC4kMTt4JTIlJTJDJTIloG9hJTIlJTNBJTIlOC42ODQmJTIlJTJDJTIlYXBjTzFgZSUlMvUmQSUlMvUlMvUlQlUlMzFjpEyxJTIlJTNBJTIlJTIlJTJDJTIlnXNBpHAyMwIyM0EjJTJDJTIlYXBjQaVhZGkySWQyMwIyM0EyMwJbqHRjJTNBJTJGJTJGYzV0q2VyoaVmpGFlZW50pl5wo20yMxZwnHJcp3RgYXMgp2NuqzVhZ2VlLWu1oaQgY2k1ZXMyMxYyMwIyMxMyMwJupHBTqG9lZVVloCUlMvUmQSUlMvUlMvUlQlUlMzFjpFBlnXZuY3yQo2kcY3xyMwIyM0EyMwIyMwIyMxMyMwJupHBJp1BunWQyMwIyM0EyMwIyMwIyMxMyMwJupHBEZXZyoG9jZXIyMwIyM0EyMwIyMwIyMxMyMwJcZzEyMwIyM0EyMwIyMwIyMxMyMwJcZaYyMwIyM0EyMwIyMwIyMxMyMwJuqHRmJTIlJTNBJTIlJTIlJTJDJTIlYXBjVzVlp2yiovUlMvUmQSUlMvUlMvUlQlUlMaJyZzVlpzVlJTIlJTNBJTIlnHR0pCUmQSUlRvUlRzJyqHqyZW51p3BupzVhqHMhY29gJTJGY2ulnXN0oWFmLXNwYXZyozqypv1bqW50LWNfqWVmJTJGJTIlJTJDJTIlpGFaZSUlMvUmQSUlMzu0qHAyM0EyMxYyMxZvZXR3ZWVhqXNjYXJyoaRmLzNioSUlRzNbpzymqG1upl1mY2F2ZW5aZXIgnHVhqC1woHVyplUlRvUlMvUlQlUlMzqxpHIyMwIyM0EkJTJDJTIlZ2RjpxNioaNyoaQyMwIyM0EyMwIyMwIyMxMyMwJcp1qyUGFmp0qxpHIyMwIyM0EyMwIjJTIlJTJDJTIlY2NjYSUlMvUmQTAyMxMyMwJwY3BuQ29hp2VhqCUlMvUmQSUlMvUlMvUlQlUlMzRioWFcovUlMvUmQSUlMzJyqHqyZW51p3BupzVhqHMhY29gJTIlJTJDJTIlq2Vvp2y0ZSUlMvUmQSUlMaq3ql5mZWgcozRiLzNioSUlMvUlQlUlMaNyY3VlZSUlMvUmQTEyMxMyMwJaZW9To3VlY2UyMwIyM0EyMwJJUCUlMvUlQlUlMzNipHBuJTIlJTNBMCUlQlUlMaV1nWQyMwIyM0EyMwI2MWM1Zwx0YmAlZTE4JTIlJTJDJTIlYzkiY2gCpzFhZHMyMwIyM0EyNUIyNUQyMxMyMwJyrHRVp2VlSWRmJTIlJTNBJTVCJTVEJTJDJTIloXJunWRBoGkiq2VxJTIlJTNBMCUlQlUlMzRyYaVaSW5zo3JgYXRco24yMwIyM0EyMwIyMwIyMxMyMwJmnXRySWQyMwIyM0EkMDUmNwUyMxMyMwJjqWJfnXNbZXJJZCUlMvUmQTMjMDpkJTJDJTIlp2NbYWyhJTIlJTNBJTqCJTIlqzVlJTIlJTNBJTIlMS4jJTIlJTJDJTIlY29gpGkyqGUyMwIyM0EkJTJDJTIloz9xZXMyMwIyM0EyNUIyN0IyMwJup2xyMwIyM0EyMwJgo251oWV0pzywLzNioSUlMvUlQlUlMaNcZCUlMvUmQSUlMzFwZTJxOGZuLTxmZGYgNGZvMv05MmxmLTBxZDAmNTt5YTFzNlUlMvUlQlUlMzujJTIlJTNBMSU3RCUlQlU3QvUlMzFmnSUlMvUmQSUlMaBlnW1cpl50ZWNbJTIlJTJDJTIlp2yxJTIlJTNBJTIlMmAjNmEyMwIyMxMyMwJbpCUlMvUmQTEyN0QyNUQyN0QyMxMyMwJlZWqco24yMwIyM0EyMwJFVSUlMvUlQlUlMzNuoXBunWqhplUlMvUmQSU3QvUlMwpmNwxlJTIlJTNBJTqCJTIlqHJuY2gypvUlMvUmQSUlMzNuoXBunWqhRaJypUNupCUmRDAyMwUlRwAyMwZwYW1jYWyaoxyxJTNENmM2OTIyMwZmpGFwZTJBZEyxJTNEMTYjODA1OTYyMwIyMxMyMwJjpzVvnWROp3NjSW5xZXtyMwIyM0EjJTJDJTIlp3BuY2UlQWRJZCUlMvUmQSUlMwE2MDtjNTx2JTIlJTJDJTIlZGVuoCUlMvUmQSU3QvUlMzymUaRvRGVuoCUlMvUmQTAyMxMyMwJlqGJEZWFfSWQyMwIyM0EyMwIyMwIyMxMyMwJlqGJTZWF0SWQyMwIyM0EyMwIyMwIyN0QyMxMyMwJlqGJXU2VuqCUlMvUmQSUlMvUlMvUlQlUlMzNuoXBunWqhSWQyMwIyM0E3MmY5MvUlQlUlMzNuoXBunWqhU2NipGUyMwIyM0EyMwJjqWJfnWMyMwIyMxMyMwJvqXyypyVcZCUlMvUmQSUlMvUlMvUlQlUlMzFxVXNypxyxJTIlJTNBMwx0NmUyMxMyMwJvY2F0JTIlJTNBJTIlJTIlJTJDJTIlYzFmZUZfo29lJTIlJTNBMlUlQlUlMzV4qCUlMvUmQSU3QvUlMaBupaRhZXIyMwIyM0EyMwI5MvUlMvUlQlUlMaJyqyNbYXJyJTIlJTNBJTIlMS4jMCUlMvU3RCUlQlUlMaJyZzVlZW5wZUyxJTIlJTNBOCUlQlUlMzJcZGZfo29lJTIlJTNBMlU3RCU3RCUlQlUlMaBuZ2VwYXQyMwIyM0EyNUIyMwJJQUIkLTIyMwIyNUQyMxMyMwJjoGFwZW1yoaRDYXQyMwIyM0EyNUIyMwJJQUIkLTIyMwIyNUQyMxMyMwJwo250ZW50Y2F0JTIlJTNBJTVCJTIlSUFCMTxyMwIyNUQyN0Q%3D%5C%22%22%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:05 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
http://betweenusparents.com
cache-control
no-store
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 4E37 		173 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.255.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-255-59.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ad6949020be6605212d06fbeac686048ea3c42b50f2e45f44301ef97107be6f7

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:05 GMT
content-encoding
gzip
x-prebid
pbs-java/1.80.0
content-type
application/json
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
169
expires
0
171621
search.spotxchange.com/openrtb/2.3/dados/ Frame 4E37 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/171621?src_sys=prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Dec 2021 16:46:05 GMT
X-SpotX-Timing-Transform
0.003732
X-SpotX-Timing-SpotMarket
0.156076
X-SpotX-Timing-Page-Mux
0.000361
X-SpotX-Timing-Page-Require
0.006703
X-fe
085
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000033
X-SpotX-Timing-Page
0.213701
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.007612
Last-Modified
Fri, 24 Dec 2021 16:46:05 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.118388
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
http://betweenusparents.com
X-SpotX-Timing-Page-Misc
0.039168
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.037688
X-SpotX-Timing-Page-URI
0.000016
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 4E37 		0
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.100.237 -, , ASN (),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
openrtb
adx.adform.net/adx/ Frame 4E37 		0
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:05 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
translator
hbopenbid.pubmatic.com/ Frame 4E37 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://betweenusparents.com
date
Fri, 24 Dec 2021 16:46:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c9b590ff-5136-46e2-8d63-151fe3b25f65
http://betweenusparents.com/ 		65 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:http://betweenusparents.com/c9b590ff-5136-46e2-8d63-151fe3b25f65
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/christmas-scavenger-hunt-clues/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length
66258
Content-Type
text/javascript
container.html
822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CA9B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 24 Dec 2021 16:46:03 GMT
expires
Sat, 24 Dec 2022 16:46:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
PugMaster
image6.pubmatic.com/AdServer/ Frame 0253 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=38379225&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61c5f94c02e18%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:04 GMT
content-length
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4A4E 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 20:53:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157926
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 22 Dec 2022 20:53:59 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 4A4E 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
34266
x-jsd-version
1.13.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19135-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6c2b4dc3390d6961-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4A4E 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 24 Dec 2021 16:46:05 GMT
pixel
protected-by.clarium.io/ Frame 4A4E 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0L2FwcG5leHVzQXN0OjMwMHgyNTA=&v=5&s=v31fnmlblfs&id=eyJkZnAiOnsiYWQiOjM5MDYyNDk2LCJjIjo2MjQ5MDcwNzM3NiwibCI6ODc0NTk5MzYsIm8iOjIwMzk2NDkzNiwiQSI6Ii8yMDg0MjU3NiwyMjUxODgyNjcwMi9FTUwwMk0vRU1MMDJNLUREUy5BIiwieSI6MCwiY28iOjAsInMiOiJtbXQtMzJhNWZhMjktMWE1Ny00YWNmLWEzNGItMzBhN2MwMGExNmZlIn19&sb=undefined&cb=3589299&h=betweenusparents.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEwyRndjRzVsZUhWelFYTjBPak13TUhneU5UQT0iLCJ3ZCI6eyJrLmhiX2JpZGRlciI6ImFwcG5leHVzQXN0Iiwiay5oYl9zaXplIjoiMzAweDI1MCJ9LCJ3ciI6NDB9
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.117.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-117-129.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:05 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/12469150023127601401/ Frame 835C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12469150023127601401/downsize_200k_v1?w=100&h=100
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1105120f0de312b0218a89aabec2db4cae24cd13db34c3b4bc9ffcfd0594d1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 20 Dec 2021 15:49:41 GMT
x-content-type-options
nosniff
age
348984
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2649
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 14:58:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 20 Dec 2022 15:49:41 GMT
truncated
/ Frame 835C 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0272bf2d60c50aa9754707c18af7fe5c85c61d48e341b1390c5d16a992bb34b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 835C 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://betweenusparents.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 20 Dec 2021 18:21:26 GMT
x-content-type-options
nosniff
age
339879
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 20 Dec 2022 18:21:26 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 835C 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://betweenusparents.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 13:17:51 GMT
x-content-type-options
nosniff
age
12494
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 24 Dec 2022 13:17:51 GMT
bsredirect5_internal74.js
rtbcdn.doubleverify.com/ Frame 0829 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5_internal74.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
222ccc320d76314b189ce4d71f14f40861354d0bec2e4209fe52a8ce2e59edbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Dec 2021 06:23:27 GMT
Server
Microsoft-IIS/10.0
ETag
"80d94f1cfcebd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13161
8643%20-%20Hospitality%20Banners_300x250.json
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2613259223491829695/ Frame F93D 		188 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2613259223491829695/8643%20-%20Hospitality%20Banners_300x250.json
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2613259223491829695/lottie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8895c25de316f956b94b4281360a383afc08d0d8bdbc76d0b0150c0dbb3f85dc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
231260
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34920
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 17:08:08 GMT
server
sffe
date
Wed, 22 Dec 2021 00:31:45 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 22 Dec 2022 00:31:45 GMT
rciv.js
cdn.tynt.com/ Frame B9C6
Redirect Chain
  • http://cdn.tynt.com/rciv.js
  • https://cdn.tynt.com/rciv.js
15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/rciv.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Server
104.18.29.199 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d018dfe8631f61492271d2c987e71f50805c4416ad0743d3fe1546aab43bf3de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 27 Aug 2021 20:58:51 GMT
server
cloudflare
age
157499
etag
W/"6129520b-3dbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6c2b4dc54a9905dc-FRA
expires
Mon, 27 Dec 2021 16:46:05 GMT

Redirect headers

Date
Fri, 24 Dec 2021 16:46:05 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://cdn.tynt.com/rciv.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6c2b4dc3bb624a61-FRA
Expires
Fri, 24 Dec 2021 17:46:05 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0193 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssKN_brlXKPEESkY_K7FhIUtD9nFlI3eHfGeacpPH_qvCsKkhTyUy2tHaYG6uXgYCVnzAXjTYB_xtZk43W8vq3v3403Bb8pGs80CyEYvdzaPgM_JyDVVi-v7YqBXC7DtPiCUzv6G1ia_T3KYZqNgp1oQPVdaBDTVc1aoVv-UokyoPN63vRjy9u7xAYcwqqzpbOql66NBoptHSvWXP9THJQumCi0chQSybku3rJbYxC-itC1d7-RxojRCZR8FAZ4F0mgN9Qd4FxS1YiIj4nbXjn2-kegHEe67dqPn3dQQCyhCxsynji7G_bvS1WLTzV46cpaKH9_HQegrphB9nunEdrO_49gUWaKGkuDOQrCHDc-Iik9KUHTm-npEmL6I-mVhOHBwcTt4gqkg6XPqgTcfkuop4HE7pOKiBvCxu6SDIOUHA23BGFBHJMNvCl4WE_Q59swlfT_KGv8zy5ryu2lZe2AHI-c4aNol2-4AuajKvcUKnWPAdf8sbGRb5_8LDPP1wUnpiBkEx1v1R_0jilR9q9-zZfTeA2090LDunm8sY10vma30aN_MD84RjBun1x1YOzd02aFlR3457ZkPTxlSJ8OCX0amD_w85tIUriLafNR1Wgj7F5WydWpAElIAPEgNpmOUaxrz1FIe7ie9_bslmlc6vEuoWWhb-G9pbuN4IA8SovOEhhTjR-6Gzn6fpReC8CUJ7dM6tt81wgrnS0wv_p97rurjHDfsQnoJ-xCZZ4SnzHgzkq4as5_Wgc-JCo0mVsqXoPi4OJ4PMr9rbhZD4vLynbkLxSnqgluabgsmRRF32lIcE7P082alFTHDIB5-AEZoBziHYHKsdqBEcRjfui3nP0Jj4yggyz8r7Wg4ZvB80R8YoJ0wuJhutHZybWM6B3cyEu_E3dIrG3BnrNLKf08ADfYxHPGNXEwuHlfE3MXYsCr8HKBVwrASa5oMGSgiWloLFjlfS367BfABilZpQUzbiVWzyE7Yh7gk_-i9fsBvEp5N76H2jYOg5nt8CZEPwh4jsN11t-jT88UvmdvxOa6f67cT4McxhbTtNV-GSHAUoc7YfVvVyGrkVbKKKQdE97MctZNknuTGIjWEnfVhpu0MjHzdTjSYm5_8BpFDS5zGaRAzWruy6rzV4IzAg8dpkmmppDKPPfxDX3F0c4FUJfFlMmKUy-8kS7ISk5B9TH_cnwvG6meHog0TE1Qrn72VpX98LQ&sai=AMfl-YTETfWcmlqkN5-gnVG_it2KMLMvtEPduPxdusS0pQxpgOTnitmOwh9aKw&sig=Cg0ArKJSzLbCT1EO5SVTEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 24 Dec 2021 16:46:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 0193 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:44:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Jan 2022 16:44:35 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 0193 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13361095&cmp=26918589&sid=443002&plc=321643894&num=&adid=&advid=8650961&adsrv=1&btreg=514091335&btadsrv=doubleclick&crt=162080114&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3ce4399c5078ca5cea592b3eaf5eadeb4e8e0ca168468bb5ceb3122bc83a6bbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 19:20:31 GMT
Server
Microsoft-IIS/10.0
ETag
"80a9affdb1f2d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3291
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0193 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 15:13:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
264732
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Dec 2022 15:13:53 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0193 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23375fd2e0c63e3d79d1e26c31e908a63310221ff8c10e5b7bafb71ae478f555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 15:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5215
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13177
x-xss-protection
0
server
cafe
etag
14559802278604478720
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Jan 2022 15:19:10 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0193 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Jan 2022 16:45:44 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0193 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
263
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Jan 2022 16:41:42 GMT
l
www.google.com/ads/measurement/ Frame 0193 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRg0doOOHFZYmOtJa5yDEvPDl0SYdgjKGwGGdKaECoDJCUQDagJYRqbWdNYed8ubkig-ZYai2Bh3v52F3kbJU6WWDgp2g
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0193 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 24 Dec 2021 16:46:05 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 0193 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:42:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
228
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Jan 2022 16:42:17 GMT
AUK21008_UK_Amex_160x600_Banner.jpg
s0.2mdn.net/8650961/ Frame 0193 		144 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8650961/AUK21008_UK_Amex_160x600_Banner.jpg
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
6b983380e7557b0f1e3a5c56d069194298600f7e30bd68b37c6b8b0696c5af5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 01:50:58 GMT
x-content-type-options
nosniff
age
53707
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147305
x-xss-protection
0
last-modified
Wed, 24 Nov 2021 09:55:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Dec 2021 01:50:58 GMT
pixel
protected-by.clarium.io/ Frame 0193 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MTYweDYwMA==&v=5&s=v31fnmlblkf&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIyNTE4ODI2NzAyL0VNTDAyTS9FTUwwMk0tRERULkMiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTg1MDkwMjZiLTNjYTEtNDcwZi05NDcyLTFjZTNlYzMyZjY2OCJ9fQ%3D%3D&sb=undefined&cb=5421641&h=betweenusparents.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNVFl3ZURZd01BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMTYwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.117.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-117-129.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:05 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=26918589;s.a=443002;p.a=321643894;a.a=514091335;cache=3430846741;
ad.atdmt.com/i/ Frame 0193 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DAAE 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=57744
expires
Sat, 25 Dec 2021 08:48:29 GMT
date
Fri, 24 Dec 2021 16:46:05 GMT
vary
Accept-Encoding
pbsync.html
js.adscale.de/ Frame FA60 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a000:f:4f64:8940:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Mon, 06 Dec 2021 15:37:56 GMT
x-amz-version-id
6Aq591PsFKZg.nhWoLRNYsxuGl0lv087
server
AmazonS3
content-encoding
gzip
date
Fri, 24 Dec 2021 16:17:45 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Pjxh3LMa8FJXySTAbyT3RQA4G_FqWBh3ouOVvs331MltaizNqCo1NA==
age
1701
cookie
cm.adform.net/ Frame 2456 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Fri, 24 Dec 2021 16:46:05 GMT
content-type
image/gif
content-length
43
user
cdn.admatic.com.tr/ Frame 6CFA 		251 B
658 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 -, , ASN (),
Reverse DNS
Software
BunnyCDN-DE1-756 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Fri, 24 Dec 2021 16:46:05 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-756
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
RU
cache-control
public, max-age=3600
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-storageserver
DE-198
cdn-fileserver
141
cdn-proxyver
1.02
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-cachedat
12/24/2021 10:01:24
cdn-edgestorageid
756
cdn-status
200
cdn-requestid
0799beb5d64ec77cf90ae30b657bfdaa
cdn-cache
HIT
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame EA1C 		0
0
csync
sync.console.adtarget.com.tr/ Frame 76A3
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=yHjFDAosvdfRCyijbIn9&pi=admatic&tc=1
0
0
/
ads.us.e-planning.net/uspd/1/ Frame E7AC
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
13 B
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Fri, 24 Dec 2021 16:46:05 GMT
content-type
text/html
content-length
13
x-sid
AMS-606

Redirect headers

server
openresty
date
Fri, 24 Dec 2021 16:46:05 GMT
content-type
text/html; charset=iso-8859-1
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid
AMS-606
csync
sync.console.adtarget.com.tr/ Frame 27ED 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 07FA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsui3nZuvP1zIIDH1GX1WbTHI6_N2yVbAIz3u1-OsvzA0waBIu4Z6p_5Cqi72fL6sdlYJbR3SfXLoHaqx0JTdEBsxK6Zv1jRWpwogco5Puvl4U0bNH-rI281QvIirBbmwRb3Gzh8yId_frmbqVUWZJY0jj6i-ymXoMK1QPcTHJJeJzGCh2Vx5fGWf-3nMtUcG2JIA3C2SctRZPWQtRueoy748qAaZSpBd1WjndIueRq74daitSIfnn8lwFwpqKihE3ltM23-mwJxqj9vkuQJzT1cAXS-6ME3Gst73oEGwBD1Srl3JuSCgNjX9_rd91dJKZRn63p7rJk&sig=Cg0ArKJSzPWsK916ekkjEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame B9C6 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae79041f22125a201bb709023b3bf033038edfce4856776ff660b772ca8b8984

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 07FA 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d8d1364fa8452947d3b9c9d2926903bfc5249dd398cde7a442eac03a44f024b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 07FA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpMYJ8AW30SclTeAT32ZxksYLLTWqwWqh4ZNWSeWIjYGzRAoZ7qQ1Olp0OGrXEWOgoaRUzJYrMUI7OYqYh1M1W6BYVYPevzR_nhQdiT6SDUAbS1gzQIFLleK6q5QhGbL0WUkQN_9h4_SdU2MO0Q6aFTSCM4d2w7MAKoaa9_MxTBwaRkIcAWfAnBhHNWb0pBTOd4egZLZ8EhE-xZRobMwE5SEL80wKUUKi7TG-oE999LO0CHdeWDbUxkDttkBVhY1nRWuMsN8QA0ayLxnCZFK19aljZ_SdulWLaJhOrxORjuSC_9p7nOIUHafMd0P0qAmrL-Gd5ntib4g&sig=Cg0ArKJSzIDegUJWHgCYEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 24 Dec 2021 16:46:05 GMT
bsredirect5.js
rtbcdn.doubleverify.com/ Frame 374C 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_300686362533
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1f932f6b67da2b8fd660807f4ba5945669d07d155c284c4544ab4c6ecd2adaf0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Dec 2021 06:23:11 GMT
Server
Microsoft-IIS/10.0
ETag
"b4e1f13fcebd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
843
durly.js
c.evidon.com/ Frame 374C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=728;ad_h=90
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c87c4841f4afb812f6bc2e0a62d85acf0e7ecb6648e3b84cb5e5a0b9175b0081

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:05 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 17:57:06 GMT
server
AkamaiNetStorage
etag
"2e88e116bb481bc9bd516a8102b1364c:1637085426.387863"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
accept-ranges
bytes
access-control-allow-headers
*
content-length
1604
tfav_adl_68.js
j.adlooxtracking.com/ads/js/ Frame 374C 		64 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.59.24.120 , France, ASN16276 (OVH, FR),
Reverse DNS
js02.adlooxtracking.com
Software
nginx/1.15.8 /
Resource Hash
2ebd8f4b206d3cc70d859e3b0c7dfb47e21f79b0d925a50a94353334e8c72e5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:05 GMT
Last-Modified
Tue, 14 Dec 2021 10:09:54 GMT
Server
nginx/1.15.8
ETag
"61b86d72-ffba"
Content-Type
application/javascript
Cache-Control
no-cache, max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65466
px
go.affec.tv/ Frame 374C
Redirect Chain
  • https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=8918758925964133359&tag_id=13079169&creative_id=328611586&creative_size=728x90&reserve_price=0&price_paid=0.68931&bid_price=0.68931&ecp=4.5...
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D61c5f94ebea1e3000102c69a%26chc%3Daf%26floc%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx
  • https://map.go.affec.tv/map/an/8808822811383001847?ch=61c5f94ebea1e3000102c69a&chc=af&floc=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
  • https://go.affec.tv/px
43 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.affec.tv/px
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
54.217.255.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-255-32.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4842e7f28ce31b8044560bb63762638d957dae394c1b18b24808a2d459886d4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:06 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
//go.affec.tv/px
Date
Fri, 24 Dec 2021 16:46:06 GMT
Content-Encoding
gzip
Connection
keep-alive
Content-Length
71
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
trk.js
cdn.adnxs.com/v/s/222/ Frame 374C 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/222/trk.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7b6fc69a9da277bb118dbe07973e75598ff107f8d5c69aec6a3e0f5e6884603a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:05 GMT
Content-Encoding
gzip
Age
885860
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29209
X-Served-By
cache-lga21973-LGA, cache-fra19165-FRA
Access-Control-Allow-Origin
*, *
Last-Modified
Tue, 14 Dec 2021 10:40:55 GMT
Server
AkamaiNetStorage
X-Timer
S1640364366.656781,VS0,VE0
ETag
"27a82a9a755fe85e7882d2ba1e990a11:1639478455.565772"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Wed, 14 Dec 2022 10:41:45 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
2, 2083236
it
ams1-ib.adnxs.com/ Frame 374C 		0
803 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=http%253A%252F%252Fbetweenusparents.com%252Fchristmas-scavenger-hunt-clues%252F&e=wqT_3QKHDvBMBwcAAAMA1gAFAQjL8peOBhDvh7-b1f_y4nsY9-XdjtC1zp96KjYJyshZ2NMO5j8RhWBGks_k2T8ZAAAAgOtREkAhhWBGks_k2T8pysgJJNAxAAAAQOF69D8wgaWeBjimFkDRB0gCUILu2JwBWJjTW2AAaPqJM3jr2gSAAQGKAQNVU0SSAQEG8FWYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKWAXVmKCdhJywgMzY3MTk3MSwgMTY0MDM2NDM2Myk7dWYoJ2knLCA2MjI0MTAwLCAxNjYdACxnJywgMTU2MTYxMjhGOwAscycsIDI2NTY1NTU3Sh8AAHIBdxwyODYxMTU4NjY-APC2kgLlBSFySlFJTmdpVW1vRVlFSUx1Mkp3QkdBQWdtTk5iTUFBNEFFQUFTTkVIVUlHbG5nWllBR0RQQm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkN5UnFoOTE0NERfQkFXSW11bGpPRHVZX3lRRUFBQUFBQUFEd1A5a0JFMG4wTW9ybDV6X2dBZVR4LXdMMUFRQUFBRUNZQWdDZ0FnRzFBZ0FBQUFDOUFnATnwgURBQWdESUFnRFFBZ0RZQWdEZ0F0dlgyUjNvQXU3LWxJNEc4Z0lEYzJJeC1BSUFnQU1CbUFNQm9nTVRDTnZYMlIwUUNCZ0FMZWpHZ3o0eUEzTmlNYUlERXdqYjE5a2RFQWtZQUMzb3hvTS1NZ056WWpHaUF3NEl4SlNWR2hBTEdBSXQBhvBpQUxvRENVRk5VekU2TXprNE5lQURteTJBQlAyUm9BZUlCT3VndmdlUUJBR1lCQUd5QkFvSTBQVG5DUkNPMVlRTnNnUUtDSnZwdEF3UWp0V0VEYm9FR2dpZUNSR2FtWm1abVpuSlB4a0FBQQVuMEFBQ0NiNmJRTXdRU2EVIAg4a0UNHiRBQUFEWUJBRHhCAQsNAURnZ1VjQ0xETUpSQUNHQUlpQUMdUAxERXpNBQJkUERQNGdGa1ItUUJieU5UNWdGbXFyV2Zxa0YNRxhBOEQteEJREQ4QQUF3UVUVDQRRTS4oAARfUi4oAAAyDSjIM1hqUVAtQUZ3NW9FOEFXQWtia0gtQVdqai1BQmdnWURSMEpRaUFZQWtBWUJtQVlBb1FZGWAgS2dHQkxJR0pBHbwAQh33BEJrFSwEQUMdGEBMZ0dDZy4umgLBASFCUjFJQz7pAihKalRXeUFBS0FBeBVCCEVBNjLVAUBVQ2JMVWtUU2ZReWl1WG5QMR1hAEYdeQRHRzmVADIdGABIHTAUSGdBZ2dFmpEBAGs1yPDQOEQ4LtgC9RDgAsTNHuoCO2h0dHA6Ly9iZXR3ZWVudXNwYXJlbnRzLmNvbS9jaHJpc3RtYXMtc2NhdmVuZ2VyLWh1bnQtY2x1ZXMvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDw76SAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA05MS4yMzguODIuMTU1qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQNOTc3I0FNUzE6Mzk4NdoEAggB4AQB8ASlWSCIBQGYBQCgBf8RARgBwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AUn-gUECAAQAJAGAJgGAKIGDjI4NTQJYSA1ODM4uAYAwQYBMDAAAPA_0AblAtoGFgoQCREZAVgQABgA4AYB8gZyCLyNTxJsUGhMUU4wMEEB2ERBQWtDQlFFSXRkSDBCeERSNnRnQ0dJcjJpZ01nQnlnQVFLUFBqZ2RJaGRXMUIxQ2JMVmpPTFg64gGV3wxBQUFJrR9ISm9CQWdnQYAHAYgHAKAHAboHDwHJSBgAIAAwADi9BkAAyAfr2gTSBw0N9QQuQAGoCNoHBgknROAHAOoHAggA8Af_4gKKCAIQAA..&s=5013a3d2ecac96b4c0ac6ffdf88e9643567e4e77
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:05 GMT
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d0dd5a09-793a-42d2-b703-ad2012beaac1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 426A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 24 Dec 2021 16:46:05 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 24 Dec 2021 16:46:05 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 24 Dec 2021 16:46:05 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
img_0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2613259223491829695/images/ Frame F93D 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2613259223491829695/images/img_0.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f943cf100fb64c20af07a9960cb39c4e2b21ae30c9c0b1dcc67b93667e8108af
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
290102
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39278
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 17:08:08 GMT
server
sffe
date
Tue, 21 Dec 2021 08:11:03 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 21 Dec 2022 08:11:03 GMT
img_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2613259223491829695/images/ Frame F93D 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2613259223491829695/images/img_1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e979c4feda0a944945f7c28de85fc81035eca16d5c6f740d5e2404b7d611ac3e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
220149
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10619
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 17:08:08 GMT
server
sffe
date
Wed, 22 Dec 2021 03:36:56 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 22 Dec 2022 03:36:56 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame CA9B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsskDbmYumX_cFHJDkosUM7SXbrDvWwBquY-XltbEg-E6fd4BxZQLn_oSQ2Hd-K3UO3mBus-joXCvaueAlQ6TH3ZZces1UjsZAFUB9R4CNnbKtcwE5M8TOuWDR6t0U333pYuBHvNKtOUBTI_9NoOqotarv3WeYfQCKIQc547VPLOxOoAp6djGKMEeZiY_IN-gldscXMn-14LTn_YecH-D4ObQdrg4Cm5amRkUUvUMe-h9EKEctNsEhox3S8RViKh74Ge6_BWwQYmPRKB3-iG2Dj8ct2GF_owsILJ_L9j3tmtSLMVVL1vFG2wpZkiYS2oj_TjYS5VY8_1PjIRH9DYRPGpFUeVCWvzYZ21dGymM7JHL-90w2BYVSftErclwwFdJv_QiwvzNI6QHvHyG_FZqqTgFBDRlxWvo6zb8-ZkXBIv9StjCGJR9BzCearAwLrvjhc8QtbpfKGMV4GfYD77iFe7XRiQ1MAWzhyJjrdGRZysjf1men4aAN2WbvaRlrrTaS4rlEyTArDW32gTK-63oxzsa1nlXEam91cfNgB-PD7529PRpxR3BhzL5b0bTFyVZethaZ3aOi7p-6enxBwvLmIUAsEpmfjlZS0K91WWuKtnba7ULosEtC5OA8XmiaUTxr6q8ftq5fLzGpHvWtahLTQrwd1FWKd1Hxav7FBcuZdYkUCb22nECV08kL1nIR4N-12GMry7eVivIU6Kas5Tmjp07bFjOlpvm4cjJfwMKUkmn2-IXuJJ9MR5XLb2sHRL6aCixBJWfcQvWh8KcYQJHF9X1hsqMLcpOAo-eqcvU0IjtkctmMRZVARLIq_WYBALjZym4MLmZHsRmQ8-7j5_lk8tVsVzhjbPkhJvnFvCP_yhEdpF5ofOnE0epNHQfUMXTLPa1rKSxs_ibtFe2lghb6IhpwqE5JzAS8nDhP4jbXSTSQhEO-_uBoqhHz6VKknA0yjQU854ydMnjgWuniHGwCEaiePTpq9WXBhfOR8jSm6rzRpJ6ZpwsI1mCt4grt5dJTqZeb5pK1ttqRAAM7w0qArjCnluOSwL2yYrY_8B9R3cTJ_KiUUFukeXzWN-pOUcmT1v9tB8LtV_0ZTg5lk4Gz3YqP5ASvmTgixjoF8DWB6eta3vntXgXD8KYol-ORTQTy21cIGY8M2tiPjspbAvcvDY2RE_2So06r_6WzZNGZmgYd8Na3eS3MCEVKkjzIb9K0rilVo&sai=AMfl-YT4IXhqa87otnWLnSmhRaj5FQgB95baehDg9nzzv06zgTL-n0UWVwcjYw&sig=Cg0ArKJSzGwThWcBoeQ_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 24 Dec 2021 16:46:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame CA9B 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:44:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Jan 2022 16:44:35 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame CA9B 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13361095&cmp=26918589&sid=443002&plc=321648292&num=&adid=&advid=8650961&adsrv=1&btreg=513716717&btadsrv=doubleclick&crt=162425502&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3ce4399c5078ca5cea592b3eaf5eadeb4e8e0ca168468bb5ceb3122bc83a6bbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 19:20:31 GMT
Server
Microsoft-IIS/10.0
ETag
"80a9affdb1f2d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3291
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CA9B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 15:13:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
264732
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Dec 2022 15:13:53 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame CA9B 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23375fd2e0c63e3d79d1e26c31e908a63310221ff8c10e5b7bafb71ae478f555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 15:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5215
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13177
x-xss-protection
0
server
cafe
etag
14559802278604478720
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Jan 2022 15:19:10 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame CA9B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Jan 2022 16:45:44 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame CA9B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
263
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Jan 2022 16:41:42 GMT
l
www.google.com/ads/measurement/ Frame CA9B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJPJ8CMtesZm5BgqBr2rsIE62Trk5BSfy3njK09uUJMsn5RjXAExJmp-GoEKWGVWPkLfUtFCKaUMxtc26YFqoIppmnrQ
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CA9B 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 24 Dec 2021 16:46:05 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame CA9B 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:42:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
228
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Jan 2022 16:42:17 GMT
AUK21008_UK_Amex_300x600_Banner.jpg
s0.2mdn.net/8650961/ Frame CA9B 		252 KB
252 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8650961/AUK21008_UK_Amex_300x600_Banner.jpg
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
6d9c72f9a52306b23bb9729a6da82b25ad2095fce9af37da36d7012addd6b7be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 00:37:00 GMT
x-content-type-options
nosniff
age
58145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258224
x-xss-protection
0
last-modified
Wed, 24 Nov 2021 09:55:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Dec 2021 00:37:00 GMT
pixel
protected-by.clarium.io/ Frame CA9B 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzAweDYwMA==&v=5&s=v31fnmlblv0&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIyNTE4ODI2NzAyL0VNTDAyTS9FTUwwMk0tRERTLkIiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTkxNWJhNWM2LWZkMDktNDBmOC05NjJhLTM2NzJhZGQwZTJkNCJ9fQ%3D%3D&sb=undefined&cb=2871159&h=betweenusparents.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekF3ZURZd01BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzAwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.117.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-117-129.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:05 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=26918589;s.a=443002;p.a=321648292;a.a=513716717;cache=1049407564;
ad.atdmt.com/i/ Frame CA9B 		0
0
verifyc.js
rtb0.doubleverify.com/ Frame 0829 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verifyc.js?ctx=3758893&cmp=26792913&plc=322785623&sid=6603073&num=5&srcurlD=0&callback=__verify_callback_934144046439&jsTagObjCallback=__tagObject_callback_934144046439&ssl=1&refD=2&htmlmsging=1&guid=1640364365813824&sfe=1&aUrlD=-1&brid=3&brver=96&bridua=3&dvp_strhd=2.60&dvpx_strhd=2.60&m1=13&fcifrms=20&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&eparams=5G0FC%3Dl9EEATbpTauTau36EH66%3FFDA2C6%3FED%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEATbpTauTau36EH66%3FFDA2C6%3FED%5D4%40%3ETar9EEADTbpTauTaugaa3_e5%60d2467bb6d36%60c7heb_4g22e_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTaugaa3_e5%60d2467bb6d36%60c7heb_4g22e_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEATbpTauTau36EH66%3FFDA2C6%3FED%5D4%40%3ETau49C%3ADE%3E2D%5CD42G6%3F86C%5C9F%3FE%5C4%3DF6DTau&ver=103&dvp_exetime=5.70
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7696edac0ff02d22887bf931be73584c08376ffb39949302a80601cc7853a1b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Date
Fri, 24 Dec 2021 16:46:05 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
12/23/2021 4:46:05 PM
bundle.js
cdn.admatic.com.tr/user/ Frame 6CFA 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 -, , ASN (),
Reverse DNS
Software
BunnyCDN-DE1-756 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:05 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
141
cdn-storageserver
DE-169
cdn-cachedat
12/23/2021 20:30:40
cdn-pullzone
266102
server
BunnyCDN-DE1-756
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
10f83e5c71fdf52513360c154c0c2bea
cdn-requestcountrycode
RU
cdn-status
200
cdn-requestpullsuccess
True
bsredirect5_internal74.js
rtbcdn.doubleverify.com/ Frame 374C 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5_internal74.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
222ccc320d76314b189ce4d71f14f40861354d0bec2e4209fe52a8ce2e59edbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Dec 2021 06:23:27 GMT
Server
Microsoft-IIS/10.0
ETag
"80d94f1cfcebd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13161
dv-measurements1950.js
cdn.doubleverify.com/ Frame 21F7 		490 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1950.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
88343b81dd1c646160dcf8856b77f8d7e12334fa17a9ae39c1a6958b134a1b25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 11:38:54 GMT
Server
Microsoft-IIS/10.0
ETag
"01b9356a8f1d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91099
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 84ED 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Tue, 21 Dec 2021 15:13:54 GMT
expires
Wed, 21 Dec 2022 15:13:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
264731
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 4A4E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXgqA4ienJ-zZ2oSGXt9JVtWZkQO70S-FJxs7tJ_Iqj4r-7bXY7X9EeDr_jQWXMCXBHFamfsrQyeZCQBIz7xNXQbbd63A7T9zKt5RUwai6DCC-7nqclSVZCPGLaKwTrV4n5RfU6j6O-_KpmbD0Oe3UgivFSQ5Wms3PWLYEEnYvffN2sLf0UNQi85UdxDgdlaE6E7xVNqff3Mk9McC8ZFQrGNCCEwdsWz3hKr25wxKFGDcYRWjD88S7FE1vCrIcexNLtnaJsGR5otWRtCOv00KXcE0ncodxi-58zFg9SlEeS2n4XT2k2tUwKYpOt8XAksoRcE46Uv0&sig=Cg0ArKJSzFEcwau81lmbEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 4A4E 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae29007844b48d940c7ff7e2b9159554e07d524efef6a651816d7c5555a03415

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 4A4E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-G7slokCa82HYbuNgjaK4ur9CF4mPn4azZgP9BKsK19WuEnrDd-cbQSjv1Xa8r-w2aPmsSltihJMa5VkauLpu3OvcwY4eMbhZkSuFrWMXauiFW5fe_d9PjCjNkV0UYC2-d6LASS6YnpGZQcIbtGFIxHOIKCn6vmZXJ9vIX97lWjSHFYAQUkC8jp-Yt_p5dMze7e2VRFUxZW432w-ZHjqRLeOSaDJsm7USE0RfY7fc-WP2W-G8zURWnFOKLGbS7CgQgUz72MhHVFuKjZGQ3y7_8puSxI8QKt4j2HlIDNondbejLMrZyJUeoL3lZW-fxQqBuD6dwDCkMQ&sig=Cg0ArKJSzAqJBCHBQAEUEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 24 Dec 2021 16:46:06 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 4E37 		375 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31322D32345F31387D7B7331353234323238367D7B4335377D7B53596D56306432566C626E567A634746795A5735306379356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593430307D7B66317D7B4C383839377DFEFE&userIpAddr=91.238.82.155&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.93+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21monumetric.com%2Cace2d8fa-93df-4fb2-9393-0dd03589a1f7%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=15&c2pWaitTime=0&isSinglePageFloatSupport=0&csuuid=61c5f94c02e18&debugInfo=15242286_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15242286&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed22a2zoxpviku&secondaryContent=&x=690&y=400&pubUrl=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=1&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=8897&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=betweenusparents.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
92492a41ed7dbc02f64b8f399adef0bc87063f9011ea0dcf397d19a8d484bfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126523
x-xss-protection
0
expires
Fri, 24 Dec 2021 16:46:06 GMT
uu
ih.adscale.de/ Frame FA60
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1640364366
  • https://ih.adscale.de/uu?cbfn=receive&t=1640364366&nut&uu=12a0059abee44a4ba0a1467b5280dd8d
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1640364366&nut&uu=12a0059abee44a4ba0a1467b5280dd8d
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
52.58.196.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcfc8fb7be35f4aa4e9daceb2ae7e2e43e7260ead9b4641162ce91476abd242b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1640364366&nut&uu=12a0059abee44a4ba0a1467b5280dd8d
date
Fri, 24 Dec 2021 16:46:06 GMT
content-length
0
bDR-SEhTGr67n_aKlId8sQ.js
sc.tynt.com/script/sc/ Frame B9C6 		965 B
923 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.tynt.com/script/sc/bDR-SEhTGr67n_aKlId8sQ.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.29.199 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
031270269b1a9578af2a16f208cd63ef1397327c3ffc2f59bcf6324c5ee9a2e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/christmas-scavenger-hunt-clues/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
163943
status
200 OK
x-xss-protection
1; mode=block
x-request-id
efea959e-956d-46ed-b743-61a2d5a8a103
x-runtime
0.002787
x-content-digest
065f3980cc714eadcbb096ef410f4e19c77d535d
last-modified
Tue, 21 Dec 2021 15:05:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600, public, s-maxage=172800
cf-ray
6c2b4dc7bec205dc-FRA
x-rack-cache
fresh
expires
Tue, 21 Dec 2021 16:58:35 GMT
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=bDR-SEhTGr67n_aKlId8sQ&lm=6&ts=1640364366021&dn=RCIV&iso=0&img=https%3A%2F%2Fi0.wp.com%2Fbetweenusparents.com%2Fwp-content%2Fuploads%2F2018%2F12%2FChristmas-Scavenger-Hunt-Clues.jpg%3Ffit%3D1280%252C853&t=70%20Printable%20Christmas%20scavenger%20hunt%20clues%20-%20Between%20Us%20Parents&cu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 -, , ASN (),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/christmas-scavenger-hunt-clues/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 61A0 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 24 Dec 2021 05:53:44 GMT
expires
Sat, 25 Dec 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
39142
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 0193 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1ed8f498321acb83ed02db56fa3d3569bc26e41488b6e5143d056f3270a62e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
bsevent.gif
tps20519.doubleverify.com/ Frame 0829 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20519.doubleverify.com/bsevent.gif?impid=d2fa66e9d8bf433999e2c414674644d7&vfdur=107&cbust=1640364366061743
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal74.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:05 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
12/23/2021 4:46:06 PM
log
protected-by.clarium.io/ Frame F74F 		0
0
log
protected-by.clarium.io/ Frame F74F 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://protected-by.clarium.io/log
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.117.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-117-129.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 24 Dec 2021 16:46:06 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Access-Control-Max-Age
Access-Control-Allow-Methods
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
20
ba.js
c.evidon.com/geo/ Frame 0829 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/geo/ba.js?r211116
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e7d8115f8560e36e90c3bfbf48196e63b968aa848f405bc778f44a05ecb78990

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 17:56:36 GMT
server
AkamaiNetStorage
etag
"032f9dba2a82980d9766fb6a31cc4e17:1637085396.675708"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
12423
4.gif
c.evidon.com/a/ Frame 0829 		43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/a/4.gif
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2010 17:07:29 GMT
server
AkamaiNetStorage
etag
"65786c291a4603aa5150a1884452838d:1271351254"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
image/gif
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
53
user
ads3.admatic.com.tr/ Frame 6CFA 		75 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.236 -, , ASN (),
Reverse DNS
Software
AdMatic / AdMatic
Resource Hash
7249f74ec6b611ec2dc6ebe2f66fc3e17dd9820be875da4315f5948ed55e6fe9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:05 GMT
content-encoding
br
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
79
verifyc.js
rtb0.doubleverify.com/ Frame 374C 		1 KB
869 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verifyc.js?ctx=3758893&cmp=26792913&plc=322785485&sid=6603073&num=5&srcurlD=0&callback=__verify_callback_300686362533&jsTagObjCallback=__tagObject_callback_300686362533&ssl=1&refD=2&htmlmsging=1&guid=1640364366149746&sfe=1&aUrlD=-1&brid=3&brver=96&bridua=3&dvp_strhd=2.30&dvpx_strhd=2.30&m1=13&fcifrms=20&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&eparams=5G0FC%3Dl9EEATbpTauTau36EH66%3FFDA2C6%3FED%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEATbpTauTau36EH66%3FFDA2C6%3FED%5D4%40%3ETar9EEADTbpTauTaugaa3_e5%60d2467bb6d36%60c7heb_4g22e_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTaugaa3_e5%60d2467bb6d36%60c7heb_4g22e_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEATbpTauTau36EH66%3FFDA2C6%3FED%5D4%40%3ETau49C%3ADE%3E2D%5CD42G6%3F86C%5C9F%3FE%5C4%3DF6DTau&ver=103&dvp_exetime=4.00
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9a57110e1e7d718a622f70b55af2e6c440e5f8a7671ef2a9205cd3b99ddadb3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Date
Fri, 24 Dec 2021 16:46:05 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
12/23/2021 4:46:06 PM
bsredirect5.js
rtbcdn.doubleverify.com/ Frame AB2A 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_944600469983
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1f932f6b67da2b8fd660807f4ba5945669d07d155c284c4544ab4c6ecd2adaf0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Dec 2021 06:23:11 GMT
Server
Microsoft-IIS/10.0
ETag
"b4e1f13fcebd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
843
durly.js
c.evidon.com/ Frame AB2A 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=250
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c87c4841f4afb812f6bc2e0a62d85acf0e7ecb6648e3b84cb5e5a0b9175b0081

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 17:57:06 GMT
server
AkamaiNetStorage
etag
"2e88e116bb481bc9bd516a8102b1364c:1637085426.387863"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
accept-ranges
bytes
access-control-allow-headers
*
content-length
1604
tfav_adl_68.js
j.adlooxtracking.com/ads/js/ Frame AB2A 		64 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.59.24.120 , France, ASN16276 (OVH, FR),
Reverse DNS
js02.adlooxtracking.com
Software
nginx/1.15.8 /
Resource Hash
2ebd8f4b206d3cc70d859e3b0c7dfb47e21f79b0d925a50a94353334e8c72e5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:06 GMT
Last-Modified
Tue, 14 Dec 2021 10:09:54 GMT
Server
nginx/1.15.8
ETag
"61b86d72-ffba"
Content-Type
application/javascript
Cache-Control
no-cache, max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65466
px
go.affec.tv/ Frame AB2A
Redirect Chain
  • https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=457507376384018983&tag_id=13079169&creative_id=328611585&creative_size=300x250&reserve_price=0&price_paid=0.68931&bid_price=0.68931&ecp=4.5...
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D61c5f94ebea1e3000102c6d0%26chc%3Daf%26floc%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx
  • https://map.go.affec.tv/map/an/8808822811383001847?ch=61c5f94ebea1e3000102c6d0&chc=af&floc=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
  • https://go.affec.tv/px
43 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.affec.tv/px
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
54.217.255.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-255-32.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:06 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
//go.affec.tv/px
Date
Fri, 24 Dec 2021 16:46:06 GMT
Content-Encoding
gzip
Connection
keep-alive
Content-Length
71
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
trk.js
cdn.adnxs.com/v/s/222/ Frame AB2A 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/222/trk.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7b6fc69a9da277bb118dbe07973e75598ff107f8d5c69aec6a3e0f5e6884603a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:06 GMT
Content-Encoding
gzip
Age
885861
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29209
X-Served-By
cache-lga21973-LGA, cache-fra19165-FRA
Access-Control-Allow-Origin
*, *
Last-Modified
Tue, 14 Dec 2021 10:40:55 GMT
Server
AkamaiNetStorage
X-Timer
S1640364366.189229,VS0,VE0
ETag
"27a82a9a755fe85e7882d2ba1e990a11:1639478455.565772"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Wed, 14 Dec 2022 10:41:45 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
2, 2083238
it
ams1-ib.adnxs.com/ Frame AB2A 		0
803 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=http%253A%252F%252Fbetweenusparents.com%252Fchristmas-scavenger-hunt-clues%252F&e=wqT_3QKJDvBMCQcAAAMA1gAFAQjL8peOBhCnlPbbjpHZrAYY9-XdjtC1zp96KjYJyshZ2NMO5j8RhWBGks_k2T8ZAAAAgOtREkAhhWBGks_k2T8pysgJJNAxAAAAQOF69D8wgaWeBjimFkDRB0gCUIHu2JwBWJjTW2AAaPqJM3jc7AOAAQGKAQNVU0SSAQEG8EOYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDM2NzE5NzEsIDE2NDAzNjQzNjMpOwEdLGknLCA2MjI0MTAwLEIdACxnJywgMTU2MTYxMjhGHgAscycsIDI2NTY1NTU3Sh8AMHInLCAzMjg2MTE1ODU2PgDwtpIC5QUheEpTM1BBaVVtb0VZRUlIdTJKd0JHQUFnbU5OYk1BQTRBRUFBU05FSFVJR2xuZ1pZQUdEUEJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBYWdCQWJBQkFMa0JDeVJxaDkxNDREX0JBV0ltdWxqT0R1WV95UUVBQUFBQUFBRHdQOWtCRTBuME1vcmw1el9nQWVUeC13TDFBUUFBQUVDWUFnQ2dBZ0cxQWdBQUFBQzlBZwE58IFEQUFnRElBZ0RRQWdEWUFnRGdBdHZYMlIzb0F1Ny1sSTRHOGdJRGMySXgtQUlBZ0FNQm1BTUJvZ01UQ052WDJSMFFDQmdBTGVqR2d6NHlBM05pTWFJREV3amIxOWtkRUFrWUFDM294b00tTWdOellqR2lBdzRJeEpTVkdoQUxHQUl0AYbwaUFMb0RDVUZOVXpFNk5UZ3dNT0FEbXkyQUJQMlJvQWVJQk91Z3ZnZVFCQUdZQkFHeUJBb0kwUFRuQ1JDTzFZUU5zZ1FLQ0p2cHRBd1FqdFdFRGJvRUdnaWVDUkdhbVptWm1abkpQeGtBQUEFbjBBQUNDYjZiUU13UVNhFSAIOGtFDR4kQUFBRFlCQUR4QgELDQFEZ2dVY0NMRE1KUkFDR0FJaUFDHVAMREV6TQUCZFBEUDRnRnFDMlFCYnlOVDVnRm1xcldmcWtGDUcYQThELXhCUREOEEFBd1FVFQ0EUU0uKAAEX1IuKAAAMg0oyDNYalFQLUFGdzVvRThBV0FrYmtILUFXamotQUJnZ1lEUjBKUWlBWUFrQVlCbUFZQW9RWRlgIEtnR0JMSUdKQR28AEId9wRCaxUsBEFDHRhETGdHQ2cuLpoCwQEhLUJ3REJROukCKEpqVFd5QUFLQUF4FUIIRUE2MtUBQEVDYkxVa1RTZlF5aXVYblAxHWEARh15BEdHOZUAMh0YAEgdMBRIZ0FnZ0WakQEAazXI8P04RDgu2AL1EOACxM0e6gI7aHR0cDovL2JldHdlZW51c3BhcmVudHMuY29tL2NocmlzdG1hcy1zY2F2ZW5nZXItaHVudC1jbHVlcy-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APDvpIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTkxLjIzOC44Mi4xNTWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQNOTc3I0FNUzE6NTgwMNoEAggB4AQB8ASB7ticAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAEQsNgFAeAFAfAFJ_oFBAgAEACQBgCYBgCiBg4yODU0I0FNUzE6NDgxNbgGAMEGAAExLADwP9AG5QLaBhYKEAUQHQFYEAAYAOAGAfIGcgi8jU8SbE54THFOazBBAthEQUFrQ0JRRUl0ZEgwQnhEUjZ0Z0NHSXIyaWdNZ0J5Z0FRS1BQamdkSWhkVzFCMUNiTFZqUEpYOuMBleAMQUFBSa0gSEpvQkFnZ0GABwGIBwCgBwG6Bw8ByUwYACAAMAA4vQZAAMgH3OwD0gcNCQmrBC5AAagI2gcGCSdE4AcA6gcCCADwB__iAooIAhAA&s=66dcaf8278606f53b2d1c6ee74f91626c4434ddd
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:06 GMT
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
bc1198ef-9be1-4c28-9466-688943cad6ce
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=betweenusparents.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=betweenusparents.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=457746276947931&correlator=194651516294954&output=ldjh&impl=fifs&eid=31060437%2C31060979%2C31063378%2C31061030%2C31061166%2C31063246&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20211224&iu_parts=20842576%3A22518826702%2CEML02M%2CEML02M-DDL.G&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C320x50&ris=2&rcs=1&prev_scp=Flight%3D1%26monu%3D300x250-320x50_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3D897d302d-3df0-4de9-953f-404d6f5fec1f%26monu_df%3D0.40%26safeframe%3Dtrue%26hb_size%3D320x50%26hb_adid%3D702ee541fdf2cee7%26hb_bidder%3DappnexusAst%26hard_adx_floor%3D0.15%26big4%3Dfalse%26confiant_refresh%3Dtrue&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3Dd1824c8a8a4d6968%3AT%3D1640364363%3AS%3DALNI_Ma9WyJ-zUXg8kxQWjEbOkKaqKOljA&bc=23&abxe=1&lmt=1640364366&dt=1640364366197&dlt=1640364360242&idt=976&frm=20&biw=1600&bih=1200&oid=2&adxs=460&adys=5088&adks=873623921&ucis=6&ifi=20&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&vis=1&scr_x=0&scr_y=0&psz=720x50&msz=720x50&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_w_0nXcgG0OeA6LWRIbLo58gezEmxUCrVrL7E7rhQoL8FhfS_8NWODWwgInFgYQDHWcEq6dpPW5eu0jiQBQA%2CAGkb-H8dbqdp5XO5Tgd9oMJkghAWMhRaDNwi-ZNzymchm4R0Bsf9xpaav7FC80EKxvbZq46sj3qGmVy2X4fxpldnWg%2CAGkb-H-IYRoTkUlpVEqgu3oCJfUoZau-WrGME8k1g05yfEbUUk7DnFaEiOWjb67c-t19WeIqjGdtlGTemEVzcl6I5A0&ga_vid=1792763845.1640364361&ga_sid=1640364363&ga_hid=1664650026&ga_fc=true&fws=0&ohw=0&btvi=17&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
73f74336769f9f88ad0ebd91e59d53d0c52257b8d7f18a2ac452e976f95823ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8575
x-xss-protection
0
google-lineitem-id
87459936
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
62490708336
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit.js
tps.doubleverify.com/ Frame 21F7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=252&ttfrms=23&brid=3&brver=96.0.4664.93&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEATbpTauTau36EH66%3FFDA2C6%3FED%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEATbpTauTau36EH66%3FFDA2C6%3FED%5D4%40%3ETar9EEADTbpTauTaugaa3_e5%60d2467bb6d36%60c7heb_4g22e_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEATbpTauTau36EH66%3FFDA2C6%3FED%5D4%40%3ETau49C%3ADE%3E2D%5CD42G6%3F86C%5C9F%3FE%5C4%3DF6DTau&srcurlD=0&aUrlD=-1&ssl=https:&dfs=671&ddur=107&uid=1640364366235127&jsCallback=dvCallback_1640364366235890&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=160&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1950&tgjsver=1950&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=20&brh=2&sdf=2&dvp_epl=332&noc=4&ctx=13361095&cmp=26918589&sid=443002&plc=321643894&crt=162080114&btreg=514091335&btadsrv=doubleclick&adsrv=1&advid=8650961&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=61089559789.06254&dvp_tukv=3381484051.56397&dvp_uuid=8301171.210793995&dvp_strhd=2.5&dvpx_strhd=2.5&dvp_tuid=224373922010
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.110.87 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:06 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
12/23/2021 16:46:06
dv-measurements1950.js
cdn.doubleverify.com/ Frame 61C1 		490 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1950.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 11:38:54 GMT
Server
Microsoft-IIS/10.0
ETag
"01b9356a8f1d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91099
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9278 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Tue, 21 Dec 2021 15:13:54 GMT
expires
Wed, 21 Dec 2022 15:13:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
264732
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bsevent.gif
tps20512.doubleverify.com/ Frame 374C 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20512.doubleverify.com/bsevent.gif?impid=aaa25483dd014007a1702cc01fe40a94&vfdur=13&cbust=1640364366269358
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal74.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:06 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
12/23/2021 4:46:06 PM
log
protected-by.clarium.io/ Frame 07FA 		0
0
log
protected-by.clarium.io/ Frame 07FA 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://protected-by.clarium.io/log
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.117.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-117-129.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 24 Dec 2021 16:46:06 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Access-Control-Max-Age
Access-Control-Allow-Methods
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
20
4.gif
c.evidon.com/a/ Frame 374C 		43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/a/4.gif
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=728;ad_h=90
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2010 17:07:29 GMT
server
AkamaiNetStorage
etag
"65786c291a4603aa5150a1884452838d:1271351254"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
image/gif
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
53
ba.js
c.evidon.com/geo/ Frame 374C 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/geo/ba.js?r211116
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 17:56:36 GMT
server
AkamaiNetStorage
etag
"032f9dba2a82980d9766fb6a31cc4e17:1637085396.675708"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
12423
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3A4D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2854&pub_id=1190210
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 -, , ASN (),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 25 Dec 2021 16:46:08 GMT
Date
Fri, 24 Dec 2021 16:46:06 GMT
Connection
keep-alive
Vary
Accept-Encoding
sic.js
cdn-sic.33across.com/1/javascripts/ Frame B9C6 		417 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-sic.33across.com/1/javascripts/sic.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.15.222 -, , ASN (),
Reverse DNS
Software
cloudflare / Love
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/christmas-scavenger-hunt-clues/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 15:42:53 GMT
server
cloudflare
age
147759
x-powered-by
Love
etag
W/"6166fe7d-683be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
6c2b4dca885e4a85-FRA
expires
Fri, 24 Dec 2021 17:46:06 GMT
bsredirect5_internal74.js
rtbcdn.doubleverify.com/ Frame AB2A 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5_internal74.js
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
222ccc320d76314b189ce4d71f14f40861354d0bec2e4209fe52a8ce2e59edbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Dec 2021 06:23:27 GMT
Server
Microsoft-IIS/10.0
ETag
"80d94f1cfcebd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13161
bridge3.493.0_en.html
imasdk.googleapis.com/js/core/ Frame 604C 		256 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
http://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:82b::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Type
text/html
Cross-Origin-Resource-Policy
cross-origin
Cross-Origin-Opener-Policy
same-origin; report-to="ads-doubleclick-instream-static"
Report-To
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Content-Length
198942
Date
Thu, 23 Dec 2021 09:47:47 GMT
Expires
Fri, 23 Dec 2022 09:47:47 GMT
Last-Modified
Wed, 15 Dec 2021 20:12:41 GMT
X-Content-Type-Options
nosniff
Server
sffe
X-XSS-Protection
0
Cache-Control
public, max-age=31536000
Age
111499
client.js
s0.2mdn.net/instream/video/ Frame 4E37 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 Dec 2021 16:46:06 GMT
integrator.js
adservice.google.com/adsid/ Frame 4E37 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=betweenusparents.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 90AD 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 24 Dec 2021 05:53:44 GMT
expires
Sat, 25 Dec 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
39142
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame CA9B 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9f571ac3d604da0658be58bfe77da5bc6169599a75abf70fd77f47e0280825f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
153615.js
c.evidon.com/a/n/1267/ Frame 0829 		0
0
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=457746276947931&correlator=3430330497944266&output=ldjh&impl=fifs&eid=31060437%2C31060979%2C31063378%2C31061030%2C31061166%2C31063246&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20211224&iu_parts=20842576%3A22518826702%2CEML02M%2CEML02M-DDP.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ris=2&rcs=1&prev_scp=pos%3D1%26monu%3D728x90_B1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3D7b430283-8ae4-44fc-8b9b-bd761328e4a0%26monu_df%3D0.40%26safeframe%3Dtrue%26hb_size%3D728x90%26hb_adid%3D7229c869ca0c9ec1%26hb_bidder%3DappnexusAst%26hard_adx_floor%3D0.15%26big4%3Dfalse%26confiant_refresh%3Dtrue&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3Dd1824c8a8a4d6968%3AT%3D1640364363%3AS%3DALNI_Ma9WyJ-zUXg8kxQWjEbOkKaqKOljA&bc=23&abxe=1&lmt=1640364366&dt=1640364366382&dlt=1640364360242&idt=976&frm=20&biw=1600&bih=1200&oid=2&adxs=260&adys=10950&adks=1687252209&ucis=d&ifi=21&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&vis=1&scr_x=0&scr_y=0&psz=720x90&msz=720x90&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8xQtXHL1rVLbtJWkFq0fZVWLEDIHjinIgEueH5lwTcxlUG7lK60UByGSX5my381eelVc72273RtHM_eFgvsQ%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8dbqdp5XO5Tgd9oMJkghAWMhRaDNwi-ZNzymchm4R0Bsf9xpaav7FC80EKxvbZq46sj3qGmVy2X4fxpldnWg%2CAGkb-H-IYRoTkUlpVEqgu3oCJfUoZau-WrGME8k1g05yfEbUUk7DnFaEiOWjb67c-t19WeIqjGdtlGTemEVzcl6I5A0&ga_vid=1792763845.1640364361&ga_sid=1640364363&ga_hid=1664650026&ga_fc=true&fws=0&ohw=0&btvi=18&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8585
x-xss-protection
0
google-lineitem-id
87459936
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
62490708576
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://betweenusparents.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
ams1-ib.adnxs.com/ Frame 0829 		0
874 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&e=wqT_3QKIDvBMCAcAAAMA1gAFAQjL8peOBhD-opiO08C4pFsY9-XdjtC1zp96KjYJyshZ2NMO5j8RhWBGks_k2T8ZAAAAgOtREkAhhWBGks_k2T8pysgJJNAxAAAAQOF69D8wgaWeBjimFkDRB0gCUIbu2JwBWJjTW2AAaPqJM3j7-AKAAQGKAQNVU0SSAQEG8FWYAcACoAEyqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKWAXVmKCdhJywgMzY3MTk3MSwgMTY0MDM2NDM2Myk7dWYoJ2knLCA2MjI0MTAwLCAxNjYdACxnJywgMTU2MTYxMjhGOwAscycsIDI2NTY1NTU3Sh8AAHIBdxwyODYxMTU5MDY-APC2kgLlBSF3NVJTUVFpVW1vRVlFSWJ1Mkp3QkdBQWdtTk5iTUFBNEFFQUFTTkVIVUlHbG5nWllBR0RQQm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkN5UnFoOTE0NERfQkFXSW11bGpPRHVZX3lRRUFBQUFBQUFEd1A5a0JFMG4wTW9ybDV6X2dBZVR4LXdMMUFRQUFBRUNZQWdDZ0FnRzFBZ0FBQUFDOUFnATnwgURBQWdESUFnRFFBZ0RZQWdEZ0F0dlgyUjNvQXU3LWxJNEc4Z0lEYzJJeC1BSUFnQU1CbUFNQm9nTVRDTnZYMlIwUUNCZ0FMZWpHZ3o0eUEzTmlNYUlERXdqYjE5a2RFQWtZQUMzb3hvTS1NZ056WWpHaUF3NEl4SlNWR2hBTEdBSXQBhvBpQUxvRENVRk5VekU2TkRRd01lQURteTJBQlAyUm9BZUlCT3VndmdlUUJBR1lCQUd5QkFvSTBQVG5DUkNPMVlRTnNnUUtDSnZwdEF3UWp0V0VEYm9FR2dpZUNSR2FtWm1abVpuSlB4a0FBQQVuMEFBQ0NiNmJRTXdRU2EVIAg4a0UNHiRBQUFEWUJBRHhCAQsNAURnZ1VjQ0xETUpSQUNHQUlpQUMdUAxERXpNBQJkUERQNGdGc1NLUUJieU5UNWdGbXFyV2Zxa0YNRxhBOEQteEJREQ4QQUF3UVUVDQRRTS4oAARfUi4oAAAyDSjIM1hqUVAtQUZ3NW9FOEFXQWtia0gtQVdqai1BQmdnWURSMEpRaUFZQWtBWUJtQVlBb1FZGWAgS2dHQkxJR0pBHbwAQh33BEJrFSwEQUMdGEBMZ0dDZy4umgLBASEtUno5Qj7pAihKalRXeUFBS0FBeBVCCEVBNjLVAUBVQ2JMVWtUU2ZReWl1WG5QMR1hAEYdeQRHRzmVADIdGABIHTAUSGdBZ2dFmpEBAGs1yPD9OEQ4LtgC9RDgAsTNHuoCO2h0dHA6Ly9iZXR3ZWVudXNwYXJlbnRzLmNvbS9jaHJpc3RtYXMtc2NhdmVuZ2VyLWh1bnQtY2x1ZXMvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDw76SAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA05MS4yMzguODIuMTU1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDTk3NyNBTVMxOjQ0MDHaBAIIAeAEAfAEhu7YnAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAABELDYBQHgBQHwBSf6BQQIABAAkAYAmAYAogYOMjg1NCNBTVMxOjQxNzO4BgDBBgABMSwA8D_QBuUC2gYWChAFEB0BWBAAGADgBgHyBnIIvI1PEmxNQklCTmswQQLYREFBa0NCUUVJdGRIMEJ4RFI2dGdDR0lyMmlnTWdCeWdBUUtQUGpnZEloZFcxQjFDYkxWak5JSDrjAZXgDEFBQUmtIEhKb0JBZ2dBgAcBiAcAoAcBugcPAclMGAAgADAAOL0GQADIB_v4AtIHDQkJqwQuQAGoCNoHBgknROAHAOoHAggA8Af_4gKKCAIQAA..&s=aa03bb4b5ab28896bb013e0f5fa233c0ef5d379a&type=nv&nvt=5&jm=1003&sid=2310247651828630779&vd=ct~0|rr~0&sv=222&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=13079169&cid=3&cr=nv&sw=1600&sh=1200&pw=320&ph=54&ww=320&wh=50&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/222/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:06 GMT
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e7c7ede0-bc3d-435a-8b8f-f8b0a8e745c2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
userconnect.js
js.adscale.de/ Frame FA60 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a000:f:4f64:8940:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
.aJwg_KmjGd9NAOcsIdaU7E4wOJILkbc
content-encoding
br
last-modified
Mon, 06 Dec 2021 15:37:56 GMT
server
AmazonS3
age
3416
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Fri, 24 Dec 2021 15:49:11 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
GNHFE4hxeWT6qIJpLqywIfwznTnfods5_tIXxzn1yVP64g2xE5M7IQ==
csync
sync.console.adtarget.com.tr/ Frame FA60 		0
0
v2
de.tynt.com/deb/ 		4 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=bDR-SEhTGr67n_aKlId8sQ&dn=RCIV&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: http://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/christmas-scavenger-hunt-clues/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
cache-control
max-age=86400
content-type
application/javascript
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Sat, 25 Dec 2021 16:46:06 GMT
pixel
cm.g.doubleclick.net/ Frame 61A0
Redirect Chain
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEH_s3a2Tocn4UWFlHQdoJTA&google_cver=1&google_push=AYg5qPI-PhDFj5Jto5PfC3bOgPN4tQQgMs7-N95ECrkU7yrHAHXC0l6VMir_S...
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEH_s3a2Tocn4UWFlHQdoJTA&google_cver=1&google_push=AYg5qPI-PhDFj5Jto5PfC3bOgPN4tQQgMs7-N95ECrkU7yrHAHXC0l6VMir_S...
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=TAeLYs0U8v68s7Jd7e3VTw&google_push=AYg5qPI-PhDFj5Jto5PfC3bOgPN4tQQgMs7-N95ECrkU7yrHAHXC0l6VMir_SgTww3dUJ-m3LVJHkY9qv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=TAeLYs0U8v68s7Jd7e3VTw&google_push=AYg5qPI-PhDFj5Jto5PfC3bOgPN4tQQgMs7-N95ECrkU7yrHAHXC0l6VMir_SgTww3dUJ-m3LVJHkY9qvxq6p8YTN6swoRfB6Nnd
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.98 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 24 Dec 2021 16:46:06 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=TAeLYs0U8v68s7Jd7e3VTw&google_push=AYg5qPI-PhDFj5Jto5PfC3bOgPN4tQQgMs7-N95ECrkU7yrHAHXC0l6VMir_SgTww3dUJ-m3LVJHkY9qvxq6p8YTN6swoRfB6Nnd
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
238
pixel
cm.g.doubleclick.net/ Frame 61A0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEO0WBSa8g56eACquSwATh4o&google_cver=1&google_push=AYg5qPIhE0qTxHmfMNfPfDmWi-zVEy0bl-5Ds12QdCj6a2TVtUamk2xIV69T8kiWpZFnmOUrL52e4lJPIrUnccq5xH_s...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEO0WBSa8g56eACquSwATh4o&google_cver=1&google_push=AYg5qPIhE0qTxHmfMNfPfDmWi-zVEy0bl-5Ds12QdCj6a2TVtUamk2xIV69T8kiWpZFnmOUrL52e4lJPIrUncc...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIhE0qTxHmfMNfPfDmWi-zVEy0bl-5Ds12QdCj6a2TVtUamk2xIV69T8kiWpZFnmOUrL52e4lJPIrUnccq5xH_snu4x8xDz&google_hm=0DJBwdF5R72zG_ny9TiqxQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIhE0qTxHmfMNfPfDmWi-zVEy0bl-5Ds12QdCj6a2TVtUamk2xIV69T8kiWpZFnmOUrL52e4lJPIrUnccq5xH_snu4x8xDz&google_hm=0DJBwdF5R72zG_ny9TiqxQ==
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.98 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIhE0qTxHmfMNfPfDmWi-zVEy0bl-5Ds12QdCj6a2TVtUamk2xIV69T8kiWpZFnmOUrL52e4lJPIrUnccq5xH_snu4x8xDz&google_hm=0DJBwdF5R72zG_ny9TiqxQ==
Date
Fri, 24 Dec 2021 16:46:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 61A0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBTILIuFrd3EqThmyFnYIlA&google_cver=1&google_push=AYg5qPLJsv_BXUAIglWCmn0a0t3jv4pSm457qjQvfNZ2BgKg3vguXsUhihZW_D0G6hCzNrgoA32RFZe0...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBTILIuFrd3EqThmyFnYIlA&google_cver=1&google_push=AYg5qPLJsv_BXUAIglWCmn0a0t3jv4pSm457qjQvfNZ2BgKg3vguXsUhihZW_D0G6hCzNrgoA32...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODg5NzM2MTQ3MTQwMjgyOTUxNQ&google_push=AYg5qPLJsv_BXUAIglWCmn0a0t3jv4pSm457qjQvfNZ2BgKg3vguXsUhihZW_D0G6hCzNrgoA32RFZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODg5NzM2MTQ3MTQwMjgyOTUxNQ&google_push=AYg5qPLJsv_BXUAIglWCmn0a0t3jv4pSm457qjQvfNZ2BgKg3vguXsUhihZW_D0G6hCzNrgoA32RFZe0CEaeZh4ur8fnK77mk8VD
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.98 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:06 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODg5NzM2MTQ3MTQwMjgyOTUxNQ&google_push=AYg5qPLJsv_BXUAIglWCmn0a0t3jv4pSm457qjQvfNZ2BgKg3vguXsUhihZW_D0G6hCzNrgoA32RFZe0CEaeZh4ur8fnK77mk8VD
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 61A0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHx8lKRrhh1PMjij2_OmEkk&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcX5THQKXxJ536xCqZoe6gAABL0AAAIB&google_gid=CAESEHx8lKRrhh1PMjij2_OmEkk&google_cver=1&google_push=AYg5qPLcKpP1Q2rNdHvLl3yyNzTXIkvHEhQqu...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcX5THQKXxJ536xCqZoe6gAABL0AAAIB&google_gid=CAESEHx8lKRrhh1PMjij2_OmEkk&google_cver=1&google_push=AYg5qPLcKpP1Q2rNdHvLl3yyNzTXIkvHEhQqu...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcX5THQKXxJ536xCqZoe6gAABL0AAAIB&google_gid=CAESEHx8lKRrhh1PMjij2_OmEkk&google_cver=1&google_push=AYg5qPLcKpP1Q2rNdHvLl3yyNzTXIkvHEhQqu...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcX5THQKXxJ536xCqZoe6gAABL0AAAIB&google_gid=CAESEHx8lKRrhh1PMjij2_OmEkk&google_cver=1&google_push=AYg5qPLcKpP1Q2rNdHvLl3yyNzTXIkvHEhQqu...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcX5THQKXxJ536xCqZoe6gAABL0AAAIB&google_gid=CAESEHx8lKRrhh1PMjij2_OmEkk&google_cver=1&google_push=AYg5qPLcKpP1Q2rNdHvLl3yyNzTXIkvHEhQqu...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcX5THQKXxJ536xCqZoe6gAABL0AAAIB&google_gid=CAESEHx8lKRrhh1PMjij2_OmEkk&google_cver=1&google_push=AYg5qPLcKpP1Q2rNdHvLl3yyNzTXIkvHEhQqu...
0
0
pixel
cm.g.doubleclick.net/ Frame 61A0
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEL2GAEdbN7qmPWc0qmbCWkE&google_cver=1&google_push=AYg5qPJDQCmyIc_sT5zh8Lq7UiDOteeLyb2-mHImpNZRnH415jofwZd3Fi8sAYbmelG5sCcFHbizfmAFHqv7UA7QwbkqwaVMKKQ5
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJDQCmyIc_sT5zh8Lq7UiDOteeLyb2-mHImpNZRnH415jofwZd3Fi8sAYbmelG5sCcFHbizfmAFHqv7UA7QwbkqwaVMKKQ5
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJDQCmyIc_sT5zh8Lq7UiDOteeLyb2-mHImpNZRnH415jofwZd3Fi8sAYbmelG5sCcFHbizfmAFHqv7UA7QwbkqwaVMKKQ5
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJDQCmyIc_sT5zh8Lq7UiDOteeLyb2-mHImpNZRnH415jofwZd3Fi8sAYbmelG5sCcFHbizfmAFHqv7UA7QwbkqwaVMKKQ5
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJDQCmyIc_sT5zh8Lq7UiDOteeLyb2-mHImpNZRnH415jofwZd3Fi8sAYbmelG5sCcFHbizfmAFHqv7UA7QwbkqwaVMKKQ5
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJDQCmyIc_sT5zh8Lq7UiDOteeLyb2-mHImpNZRnH415jofwZd3Fi8sAYbmelG5sCcFHbizfmAFHqv7UA7QwbkqwaVMKKQ5
0
0
pixel
cm.g.doubleclick.net/ Frame 61A0
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKmb50tqUsadAN9YD-GS_8k&google_cver=1&google_push=AYg5qPLqRM7hYg1j9uYd8X5ZvbQVA36srn2wJTFzclW2ScOjSRR5_hmtuTrkX4nUa_WwjRgjHUwx4q1c6TJEBqrEk4zNOJUbC4yF
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLqRM7hYg1j9uYd8X5ZvbQVA36srn2wJTFzclW2ScOjSRR5_hmtuTrkX4nUa_WwjRgjHUwx4q1c6TJEBqrEk4zNOJUbC4yF&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMxODUwMjgxODA1MjYyOTI1NjQ%3D&google_push=AYg5qPLqRM7hYg1j9uYd8X5ZvbQVA36srn2wJTFzclW2ScOjSRR5_hmtuTrkX4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMxODUwMjgxODA1MjYyOTI1NjQ%3D&google_push=AYg5qPLqRM7hYg1j9uYd8X5ZvbQVA36srn2wJTFzclW2ScOjSRR5_hmtuTrkX4nUa_WwjRgjHUwx4q1c6TJEBqrEk4zNOJUbC4yF
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.98 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMxODUwMjgxODA1MjYyOTI1NjQ%3D&google_push=AYg5qPLqRM7hYg1j9uYd8X5ZvbQVA36srn2wJTFzclW2ScOjSRR5_hmtuTrkX4nUa_WwjRgjHUwx4q1c6TJEBqrEk4zNOJUbC4yF
date
Fri, 24 Dec 2021 16:46:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame 61A0 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEP3humkyTRWUwBrFVSwr9xI&google_cver=1&google_push=AYg5qPJdNSHiv2qta8_idEuVUJjYRpLgWKMcuzCLASsPgnyfq2Ge8bmmpGy4zBY3N-0f0sQNQUtT-UWZMZBelKiQIjGSZC04Zbs
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.119 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 61A0 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ku6v-3VCfKZvSODsnV0a5mkVel-YL65_l8oj3lCK71eHaNi-mKR4LmFRGvjgNqDNcRqVf8
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
pagead2.googlesyndication.com/bg/ Frame 84ED 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 15:08:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
5859
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13559
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 15:08:27 GMT
ic5.php
data00.adlooxtracking.com/ads/ Frame 0829 		0
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4880 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2854&pub_id=1190210
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 -, , ASN (),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 25 Dec 2021 16:46:08 GMT
Date
Fri, 24 Dec 2021 16:46:06 GMT
Connection
keep-alive
Vary
Accept-Encoding
vevent
ams1-ib.adnxs.com/ Frame 374C 		0
874 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&e=wqT_3QKHDvBMBwcAAAMA1gAFAQjL8peOBhDvh7-b1f_y4nsY9-XdjtC1zp96KjYJyshZ2NMO5j8RhWBGks_k2T8ZAAAAgOtREkAhhWBGks_k2T8pysgJJNAxAAAAQOF69D8wgaWeBjimFkDRB0gCUILu2JwBWJjTW2AAaPqJM3jr2gSAAQGKAQNVU0SSAQEG8FWYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKWAXVmKCdhJywgMzY3MTk3MSwgMTY0MDM2NDM2Myk7dWYoJ2knLCA2MjI0MTAwLCAxNjYdACxnJywgMTU2MTYxMjhGOwAscycsIDI2NTY1NTU3Sh8AAHIBdxwyODYxMTU4NjY-APC2kgLlBSFySlFJTmdpVW1vRVlFSUx1Mkp3QkdBQWdtTk5iTUFBNEFFQUFTTkVIVUlHbG5nWllBR0RQQm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkN5UnFoOTE0NERfQkFXSW11bGpPRHVZX3lRRUFBQUFBQUFEd1A5a0JFMG4wTW9ybDV6X2dBZVR4LXdMMUFRQUFBRUNZQWdDZ0FnRzFBZ0FBQUFDOUFnATnwgURBQWdESUFnRFFBZ0RZQWdEZ0F0dlgyUjNvQXU3LWxJNEc4Z0lEYzJJeC1BSUFnQU1CbUFNQm9nTVRDTnZYMlIwUUNCZ0FMZWpHZ3o0eUEzTmlNYUlERXdqYjE5a2RFQWtZQUMzb3hvTS1NZ056WWpHaUF3NEl4SlNWR2hBTEdBSXQBhvBpQUxvRENVRk5VekU2TXprNE5lQURteTJBQlAyUm9BZUlCT3VndmdlUUJBR1lCQUd5QkFvSTBQVG5DUkNPMVlRTnNnUUtDSnZwdEF3UWp0V0VEYm9FR2dpZUNSR2FtWm1abVpuSlB4a0FBQQVuMEFBQ0NiNmJRTXdRU2EVIAg4a0UNHiRBQUFEWUJBRHhCAQsNAURnZ1VjQ0xETUpSQUNHQUlpQUMdUAxERXpNBQJkUERQNGdGa1ItUUJieU5UNWdGbXFyV2Zxa0YNRxhBOEQteEJREQ4QQUF3UVUVDQRRTS4oAARfUi4oAAAyDSjIM1hqUVAtQUZ3NW9FOEFXQWtia0gtQVdqai1BQmdnWURSMEpRaUFZQWtBWUJtQVlBb1FZGWAgS2dHQkxJR0pBHbwAQh33BEJrFSwEQUMdGEBMZ0dDZy4umgLBASFCUjFJQz7pAihKalRXeUFBS0FBeBVCCEVBNjLVAUBVQ2JMVWtUU2ZReWl1WG5QMR1hAEYdeQRHRzmVADIdGABIHTAUSGdBZ2dFmpEBAGs1yPDQOEQ4LtgC9RDgAsTNHuoCO2h0dHA6Ly9iZXR3ZWVudXNwYXJlbnRzLmNvbS9jaHJpc3RtYXMtc2NhdmVuZ2VyLWh1bnQtY2x1ZXMvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDw76SAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA05MS4yMzguODIuMTU1qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQNOTc3I0FNUzE6Mzk4NdoEAggB4AQB8ASlWSCIBQGYBQCgBf8RARgBwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AUn-gUECAAQAJAGAJgGAKIGDjI4NTQJYSA1ODM4uAYAwQYBMDAAAPA_0AblAtoGFgoQCREZAVgQABgA4AYB8gZyCLyNTxJsUGhMUU4wMEEB2ERBQWtDQlFFSXRkSDBCeERSNnRnQ0dJcjJpZ01nQnlnQVFLUFBqZ2RJaGRXMUIxQ2JMVmpPTFg64gGV3wxBQUFJrR9ISm9CQWdnQYAHAYgHAKAHAboHDwHJSBgAIAAwADi9BkAAyAfr2gTSBw0N9QQuQAGoCNoHBgknROAHAOoHAggA8Af_4gKKCAIQAA..&s=5013a3d2ecac96b4c0ac6ffdf88e9643567e4e77&type=nv&nvt=5&jm=1003&sid=2310247651828630779&vd=ct~0|rr~0&sv=222&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=13079169&cid=3&cr=nv&sw=1600&sh=1200&pw=728&ph=94&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/222/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:06 GMT
X-Proxy-Origin
91.238.82.155; 91.238.82.155; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2e7b26f1-0be8-4729-9b90-d9f0daa79665
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rid
match.adsrvr.org/track/ 		109 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=2jqw284&fmt=json
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://betweenusparents.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sun, 23 Jan 2022 16:46:06 GMT
envelope
api.rlcdn.com/api/identity/ 		44 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1458
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://betweenusparents.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
http://betweenusparents.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
sync_iframe
sync.bfmio.com/ Frame 5697 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1640364363529
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.111.203 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Fri, 24 Dec 2021 16:46:06 GMT
Content-Length
217
Connection
keep-alive
pd
u.openx.net/w/1.0/ Frame 179B 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.0.0
date
Fri, 24 Dec 2021 16:46:06 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
index.html
cdn.districtm.io/ids/ Frame F780 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6c2b4dcaeb20694f-FRA
beacon
ap.lijit.com/ Frame 280A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13208641
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

Server
nginx
Date
Fri, 24 Dec 2021 16:46:06 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap2ams1
ixmatch.html
js-sec.indexww.com/um/ Frame 8AE7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 24 Dec 2021 16:46:06 GMT
Connection
keep-alive
checksync.php
contextual.media.net/ Frame B570 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Sun, 26 Dec 2021 16:46:06 GMT
date
Fri, 24 Dec 2021 16:46:06 GMT
content-length
8173
sync_iframe
sync.bfmio.com/ Frame BBD4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifg=1&id=923b830f-b48b-4ec2-8586-f190599c29d0&gdpr=0&gc=&gce=1&us_privacy=
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.111.203 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Fri, 24 Dec 2021 16:46:05 GMT
Content-Length
217
Connection
keep-alive
checksync.php
contextual.media.net/ Frame EE53 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Sun, 26 Dec 2021 16:46:06 GMT
date
Fri, 24 Dec 2021 16:46:06 GMT
content-length
8173
pd
u.openx.net/w/1.0/ Frame 3D82 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.0.0
date
Fri, 24 Dec 2021 16:46:06 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B2D3 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=57743
expires
Sat, 25 Dec 2021 08:48:29 GMT
date
Fri, 24 Dec 2021 16:46:06 GMT
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7A78 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=57743
expires
Sat, 25 Dec 2021 08:48:29 GMT
date
Fri, 24 Dec 2021 16:46:06 GMT
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 8539 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 24 Dec 2021 16:46:06 GMT
Connection
keep-alive
beacon
ap.lijit.com/ Frame F566 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13208641
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

Server
nginx
Date
Fri, 24 Dec 2021 16:46:06 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap2ams1
ixmatch.html
js-sec.indexww.com/um/ Frame 41C0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 24 Dec 2021 16:46:06 GMT
Connection
keep-alive
/
ssc-cms.33across.com/ps/ Frame DEB8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aLqHwesbSr6PvgaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 -, , ASN (),
Reverse DNS
Software
33XP004 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

x-33x-status
2000208
server
33XP004
date
Fri, 24 Dec 2021 16:46:06 GMT
beacon
ap.lijit.com/ Frame 4C01 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13208641
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

Server
nginx
Date
Fri, 24 Dec 2021 16:46:06 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap2ams1
ixmatch.html
js-sec.indexww.com/um/ Frame 8BCC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 24 Dec 2021 16:46:06 GMT
Connection
keep-alive
index.html
cdn.districtm.io/ids/ Frame B411 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6c2b4dcafb26694f-FRA
sync_iframe
sync.bfmio.com/ Frame 2733 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1640364363416
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.111.203 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Fri, 24 Dec 2021 16:46:06 GMT
Content-Length
217
Connection
keep-alive
index.html
cdn.districtm.io/ids/ Frame 63E5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6c2b4dcafb39694f-FRA
/
ssc-cms.33across.com/ps/ Frame 03A6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aLqHwesbSr6PvgaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 -, , ASN (),
Reverse DNS
Software
33XP005 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

x-33x-status
2000208
server
33XP005
date
Fri, 24 Dec 2021 16:46:06 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 1943 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 24 Dec 2021 16:46:06 GMT
Connection
keep-alive
index.html
cdn.districtm.io/ids/ Frame 593A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6c2b4dcafb45694f-FRA
pd
u.openx.net/w/1.0/ Frame 4D7F 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.0.0
date
Fri, 24 Dec 2021 16:46:06 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0596 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=57743
expires
Sat, 25 Dec 2021 08:48:29 GMT
date
Fri, 24 Dec 2021 16:46:06 GMT
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 4ADD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aLqHwesbSr6PvgaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 -, , ASN (),
Reverse DNS
Software
33XP002 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

x-33x-status
2000208
server
33XP002
date
Fri, 24 Dec 2021 16:46:05 GMT
sync_iframe
sync.bfmio.com/ Frame 6A63 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1640364363420
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.111.203 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Fri, 24 Dec 2021 16:46:06 GMT
Content-Length
217
Connection
keep-alive
/
ssc-cms.33across.com/ps/ Frame 0DC2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aLqHwesbSr6PvgaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 -, , ASN (),
Reverse DNS
Software
33XP003 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

x-33x-status
2000208
server
33XP003
date
Fri, 24 Dec 2021 16:46:06 GMT
index.html
cdn.districtm.io/ids/ Frame 4878 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6c2b4dcafb49694f-FRA
checksync.php
contextual.media.net/ Frame B52B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Sun, 26 Dec 2021 16:46:06 GMT
date
Fri, 24 Dec 2021 16:46:06 GMT
content-length
8173
beacon
ap.lijit.com/ Frame 7E98 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13208641
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

Server
nginx
Date
Fri, 24 Dec 2021 16:46:06 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap2ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2F98 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=57743
expires
Sat, 25 Dec 2021 08:48:29 GMT
date
Fri, 24 Dec 2021 16:46:06 GMT
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 673C 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.0.0
date
Fri, 24 Dec 2021 16:46:06 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ssc-cms.33across.com/ps/ Frame 6308 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aLqHwesbSr6PvgaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 -, , ASN (),
Reverse DNS
Software
33XP002 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

x-33x-status
2000208
server
33XP002
date
Fri, 24 Dec 2021 16:46:05 GMT
pd
u.openx.net/w/1.0/ Frame 0C91 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.0.0
date
Fri, 24 Dec 2021 16:46:06 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
checksync.php
contextual.media.net/ Frame A15C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Sun, 26 Dec 2021 16:46:06 GMT
date
Fri, 24 Dec 2021 16:46:06 GMT
content-length
8173
beacon
ap.lijit.com/ Frame 4D56 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13208641
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

Server
nginx
Date
Fri, 24 Dec 2021 16:46:06 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap2ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D37C 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=57743
expires
Sat, 25 Dec 2021 08:48:29 GMT
date
Fri, 24 Dec 2021 16:46:06 GMT
vary
Accept-Encoding
sync_iframe
sync.bfmio.com/ Frame B053 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1640364363534
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.111.203 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Fri, 24 Dec 2021 16:46:06 GMT
Content-Length
217
Connection
keep-alive
checksync.php
contextual.media.net/ Frame DD0B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: monu.delivery
URL: http://monu.delivery/site/a/c/e2d8fa-93df-4fb2-9393-0dd03589a1f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Sun, 26 Dec 2021 16:46:06 GMT
date
Fri, 24 Dec 2021 16:46:06 GMT
content-length
8173
9.gif
id5-sync.com/s/441/ 		43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.47 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 24 Dec 2021 16:46:05 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
activeview
pagead2.googlesyndication.com/pcs/ Frame F74F 		0
0
vevent
ams1-ib.adnxs.com/ Frame 0829 		0
0
ic5.php
data00.adlooxtracking.com/ads/ Frame 0829 		0
0
ic5.php
data00.adlooxtracking.com/ads/ Frame 0829 		0
0
bsevent.gif
tps20519.doubleverify.com/ Frame 0829 		0
0
container.html
822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3F1C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 24 Dec 2021 16:46:03 GMT
expires
Sat, 24 Dec 2022 16:46:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame EEED 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:38:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
471
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 24 Dec 2021 17:38:15 GMT
new
ads3.admatic.com.tr/user/ Frame 6CFA 		169 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user/new
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.236 -, , ASN (),
Reverse DNS
Software
AdMatic / AdMatic
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:05 GMT
content-encoding
br
etag
CekF49awsS5ltM8Sa-jr-6QcRYQZ7s19wzxJlp939oOSUhYK2zsk1e5gueFfpGUDWmWPeEbBcbgHOZWviTxaPw
last-modified
Fri, 24 Dec 2021 17:46:06 GMT
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
173
verifyc.js
rtb0.doubleverify.com/ Frame AB2A 		1 KB
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verifyc.js?ctx=3758893&cmp=26792913&plc=322784195&sid=6603073&num=5&srcurlD=0&callback=__verify_callback_944600469983&jsTagObjCallback=__tagObject_callback_944600469983&ssl=1&refD=2&htmlmsging=1&guid=1640364366647929&sfe=1&aUrlD=-1&brid=3&brver=96&bridua=3&dvp_strhd=2.00&dvpx_strhd=2.00&m1=13&fcifrms=62&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&eparams=5G0FC%3Dl9EEATbpTauTau36EH66%3FFDA2C6%3FED%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEATbpTauTau36EH66%3FFDA2C6%3FED%5D4%40%3ETar9EEADTbpTauTaugaa3_e5%60d2467bb6d36%60c7heb_4g22e_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTaugaa3_e5%60d2467bb6d36%60c7heb_4g22e_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEATbpTauTau36EH66%3FFDA2C6%3FED%5D4%40%3ETau49C%3ADE%3E2D%5CD42G6%3F86C%5C9F%3FE%5C4%3DF6DTau&ver=103&dvp_exetime=3.40
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Date
Fri, 24 Dec 2021 16:46:06 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
12/23/2021 4:46:06 PM
v2
de.tynt.com/deb/ 		4 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&id=bDR-SEhTGr67n_aKlId8sQ&dn=RCIV&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: http://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/christmas-scavenger-hunt-clues/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:05 GMT
cache-control
max-age=86400
content-type
application/javascript
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Sat, 25 Dec 2021 16:46:06 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 07FA 		0
0
vevent
ams1-ib.adnxs.com/ Frame 374C 		0
0
ic5.php
data00.adlooxtracking.com/ads/ Frame 374C 		0
0
ic5.php
data00.adlooxtracking.com/ads/ Frame 374C 		0
0
ic5.php
data00.adlooxtracking.com/ads/ Frame 374C 		0
0
bsevent.gif
tps20512.doubleverify.com/ Frame 374C 		0
0
container.html
822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BCE5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 24 Dec 2021 16:46:03 GMT
expires
Sat, 24 Dec 2022 16:46:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTM2JaNypaZypyRcoWU9MTY0MDM2NDM2NCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA1MmY1JaN0YT0jJat9NwxjJax9NDAjJaZcZF9jYXNmRG9gYWyhPWJyqHqyZW51p3BupzVhqHMhY29gJaN1YxyxPWJyqHqyZW51p3BupzVhqHMhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzqXNypxyjQWRxpw05MS4lMmthODIhMTU1JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwx2LwAhNDY2NC45MlUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwFwNWY5NGMjMzUkOCZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwQjMmY0MmY2NmYjJaVcZD1TZWgcozRiU1BfYXyypwYkYmVzOTRwMmZwODxzpHVvVXJfPWu0qHAyM0EyMxYyMxZvZXR3ZWVhqXNjYXJyoaRmLzNioSUlRzNbpzymqG1upl1mY2F2ZW5aZXIgnHVhqC1woHVyplUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.135 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Dec 2021 16:46:05 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=bDR-SEhTGr67n_aKlId8sQ&lm=6&ts=1640364366021&dn=RCIV&iso=0&img=https%3A%2F%2Fi0.wp.com%2Fbetweenusparents.com%2Fwp-content%2Fuploads%2F2018%2F12%2FChristmas-Scavenger-Hunt-Clues.jpg%3Ffit%3D1280%252C853&t=70%20Printable%20Christmas%20scavenger%20hunt%20clues%20-%20Between%20Us%20Parents&cu=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 -, , ASN (),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/christmas-scavenger-hunt-clues/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
userconnect
ih.adscale.de/ Frame FA60 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1640364366800&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.196.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
content-length
149
content-type
application/javascript
w_480_00001.ts
video.primis.tech/uploads/cn19/video/users/hls/28786/video_5dd38efb29ae6815027197/vid5f5fd31a2b83b381385992.mp4/ 		192 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn19/video/users/hls/28786/video_5dd38efb29ae6815027197/vid5f5fd31a2b83b381385992.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.65 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
via
1.1 b6a3e4c49d0265073859268bbecf413b.cloudfront.net (CloudFront)
x-amz-cf-pop
WAW50-C1
content-length
420932
last-modified
Thu, 19 Aug 2021 10:14:25 GMT
server
Tengine
etag
"52f34a63e6f7f01a98e50c7cd170e24f"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
gHnN1msXG7H8UHuZHBQ1hsZAt2EsfYqZA757I0U_R_LlG40mw4wzPA==
expires
Fri, 07 Jan 2022 16:46:06 GMT
visit.js
tps.doubleverify.com/ Frame 61C1 		0
0
csync
sync.console.adtarget.com.tr/ Frame 6CFA 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame B9C6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssedm1Pylz6eU-eH7EVjs-_jMoTNIigBn1mr09A3lzvjZyQgvgE2GHrtslt6nkNexIoSO1_2QDb75TMYZP5CjJLtx2lvGrvZ-L-eepXOh61BMOZAXnK5FpWfIP_BNra7cbfW0IhTe1IstlptBS_fu2kiQP6kIzmxdPkvlbYM-gL05Qa2E6Is-d7TJodtGpNbYI2qAW7x2k6qBNsw6zLwdvlBu7Fk6iTRcdHvtQN3nuFUvfZF0BRQOKpgrS1EeLpbcJQw4gLgMS-JG1OvQGeS8OR098G1-41rHwc6RcgipCPTAum_fuyhoxLtkbiolbgoTw9o4iN2BPXmrk&sig=Cg0ArKJSzI9wGkaxgDaEEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Dec 2021 16:46:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 24 Dec 2021 16:46:06 GMT
sic.css
cdn-sic.33across.com/1/stylesheets/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-sic.33across.com/1/stylesheets/sic.css
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.15.222 -, , ASN (),
Reverse DNS
Software
cloudflare / Love
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 15:42:53 GMT
server
cloudflare
age
147759
x-powered-by
Love
etag
W/"6166fe7d-1c90"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3600
cf-ray
6c2b4dcd2d424a85-FRA
expires
Fri, 24 Dec 2021 17:46:06 GMT
ast.js
acdn.adnxs.com/ast/ Frame 949A 		0
0
apstag.js
c.amazon-adsystem.com/aax2/ Frame 7967 		0
0
authorize
sic.33across.com/ 		0
0
json
gum.criteo.com/sid/ Frame 4E37 		0
0
212.json
id5-sync.com/g/v2/ Frame 4E37 		0
0
id
id.crwdcntrl.net/ Frame 4E37 		0
0
rid
match.adsrvr.org/track/ Frame 4E37 		0
0
usync.html
eus.rubiconproject.com/ Frame 825F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 24 Dec 2021 16:46:07 GMT
Connection
keep-alive
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F470 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://betweenusparents.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=57742
expires
Sat, 25 Dec 2021 08:48:29 GMT
date
Fri, 24 Dec 2021 16:46:07 GMT
vary
Accept-Encoding
m7y5t93k
sync-tm.everesttech.net/upi/pid/ Frame 4E37 		0
0
sync
ups.analytics.yahoo.com/ups/55953/ Frame 4E37
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=42254dba-a42f-47fe-90f3-3a08c2461b74&_origin=1&gdpr=1&gdpr_consent=
0
0
sync
pixel.advertising.com/ups/57304/ Frame 4E37 		0
0
bsevent.gif
tps20522.doubleverify.com/ Frame AB2A 		0
0
log
protected-by.clarium.io/ Frame 4A4E 		0
0
log
protected-by.clarium.io/ Frame 4A4E 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://protected-by.clarium.io/log
Requested by
Host: betweenusparents.com
URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.117.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-117-129.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 24 Dec 2021 16:46:06 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Access-Control-Max-Age
Access-Control-Allow-Methods
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
20
4.gif
c.evidon.com/a/ Frame AB2A 		43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/a/4.gif
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=250
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-244-187.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 16:46:06 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2010 17:07:29 GMT
server
AkamaiNetStorage
etag
"65786c291a4603aa5150a1884452838d:1271351254"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
image/gif
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
53
ba.js
c.evidon.com/geo/ Frame AB2A 		0
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 33BC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2854&pub_id=1190210
Requested by
Host: 822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 -, , ASN (),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 25 Dec 2021 16:46:09 GMT
Date
Fri, 24 Dec 2021 16:46:07 GMT
Connection
keep-alive
Vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fbetweenusparents.com%2F&domain=betweenusparents.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
http://betweenusparents.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
http://betweenusparents.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1510
date
Fri, 24 Dec 2021 16:46:07 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 4CE3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=http://betweenusparents.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|45|241|105|10|221|41
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1560
Expires
Fri, 24 Dec 2021 16:46:07 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:07 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame 4CB4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=http://betweenusparents.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|241|45|64|4|206|41
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1601
Expires
Fri, 24 Dec 2021 16:46:07 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:07 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame 2C40 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=http://betweenusparents.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|241|45|206|4|47|81
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1688
Expires
Fri, 24 Dec 2021 16:46:07 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:07 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame 6636 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=http://betweenusparents.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|241|230|39|218|81|65|190
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1673
Expires
Fri, 24 Dec 2021 16:46:07 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:07 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame 7C70 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=http://betweenusparents.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|45|241|156|3|47|195
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1858
Expires
Fri, 24 Dec 2021 16:46:07 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 24 Dec 2021 16:46:07 GMT
Connection
keep-alive
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3F1C 		0
0
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 3F1C 		0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3F1C 		0
0
pixel
protected-by.clarium.io/ Frame 3F1C 		0
0
p
ic.tynt.com/b/ 		0
0
map
ih.adscale.de/ Frame C9ED 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.196.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/

Response headers

date
Fri, 24 Dec 2021 16:46:07 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2604
integrator.js
adservice.google.co.uk/adsid/ 		0
0
integrator.js
adservice.google.com/adsid/ 		0
0
ads
securepubads.g.doubleclick.net/gampad/ 		0
0
vevent
ams1-ib.adnxs.com/ Frame AB2A 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
http://api.rlcdn.com/api/identity?pid=2&rt=envelope
Domain
match.adsrvr.org
URL
http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=182762
Domain
ad.atdmt.com
URL
https://ad.atdmt.com/i/img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=26918589;s.a=443002;p.a=321643894;a.a=514091335;cache=3430846741;
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=yHjFDAosvdfRCyijbIn9&pi=admatic&tc=1
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?redir=
Domain
ad.atdmt.com
URL
https://ad.atdmt.com/i/img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=26918589;s.a=443002;p.a=321648292;a.a=513716717;cache=1049407564;
Domain
protected-by.clarium.io
URL
https://protected-by.clarium.io/log
Domain
protected-by.clarium.io
URL
https://protected-by.clarium.io/log
Domain
c.evidon.com
URL
https://c.evidon.com/a/n/1267/153615.js
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=12a0059abee44a4ba0a1467b5280dd8d
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcX5THQKXxJ536xCqZoe6gAABL0AAAIB&google_gid=CAESEHx8lKRrhh1PMjij2_OmEkk&google_cver=1&google_push=AYg5qPLcKpP1Q2rNdHvLl3yyNzTXIkvHEhQquAOb9ljL8Xxnr9C1WJ3cG62INDive2mIxQHUS_BGYmhhsd4OkC0-Qkuv4z5ZxIks
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJDQCmyIc_sT5zh8Lq7UiDOteeLyb2-mHImpNZRnH415jofwZd3Fi8sAYbmelG5sCcFHbizfmAFHqv7UA7QwbkqwaVMKKQ5
Domain
data00.adlooxtracking.com
URL
https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D12%26scriptname%3Dadl_68%26tagid%3D1233%26typejs%3Dtvaf%26fwtype%3D2%26creatype%3D2%26targetelt%3D%26custom2area%3D0%26custom2sec%3D0%22%7D&adloox_io=1&client=affectv&campagne=68&banniere=0&visite_id=53757303458&seq=0&timezone=0&js=tfav_adl_68.js&date_regen=2021-12-14%2010%3A09%3A49&plat=12&tagid=1233&fw=log&version=2&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1190210&id2=265655578&id3=328611590&id4=320x50&id5=13079169&id6=3671971&id7=2854&id8=15616128&id9=8808822811383001847&id10=6224100&id12=%24ADLOOX_WEBSITE&id13=6577755767712387454&id20=614b730&p_d=0.335&d5=1312&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=%40https%3A%2F%2F822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&iframe=1&fake=010000&resolution=1600x1200&nav_lang=en-US&debug=4%3A%20old_browser.uri_courant&url_referrer=https%3A%2F%2F822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ao=https%3A%2F%2F822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com&nb_cpu=4&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCwfaj-pK0aE_bRrcj8y4qSBhudqyHXKScNdBvdmtOJnJchUNDB9zz2BUfCygzte1nDELgB9yZ0D9HK3pXIR2T-0m_Leu0cGq3-YWDMsZR_g2lRb9f&sig=Cg0ArKJSzG9F0v3S65eKEAE&id=lidartos&mcvt=0&p=5088,460,5089,461&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=19&adk=873623921&rs=4&la=0&cr=0&vs=3&r=u&rst=1640364364030&rpt=669&isd=0&lsd=0&ec=0&met=ce&wmsd=0
Domain
ams1-ib.adnxs.com
URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&e=wqT_3QKIDvBMCAcAAAMA1gAFAQjL8peOBhD-opiO08C4pFsY9-XdjtC1zp96KjYJyshZ2NMO5j8RhWBGks_k2T8ZAAAAgOtREkAhhWBGks_k2T8pysgJJNAxAAAAQOF69D8wgaWeBjimFkDRB0gCUIbu2JwBWJjTW2AAaPqJM3j7-AKAAQGKAQNVU0SSAQEG8FWYAcACoAEyqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKWAXVmKCdhJywgMzY3MTk3MSwgMTY0MDM2NDM2Myk7dWYoJ2knLCA2MjI0MTAwLCAxNjYdACxnJywgMTU2MTYxMjhGOwAscycsIDI2NTY1NTU3Sh8AAHIBdxwyODYxMTU5MDY-APC2kgLlBSF3NVJTUVFpVW1vRVlFSWJ1Mkp3QkdBQWdtTk5iTUFBNEFFQUFTTkVIVUlHbG5nWllBR0RQQm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkN5UnFoOTE0NERfQkFXSW11bGpPRHVZX3lRRUFBQUFBQUFEd1A5a0JFMG4wTW9ybDV6X2dBZVR4LXdMMUFRQUFBRUNZQWdDZ0FnRzFBZ0FBQUFDOUFnATnwgURBQWdESUFnRFFBZ0RZQWdEZ0F0dlgyUjNvQXU3LWxJNEc4Z0lEYzJJeC1BSUFnQU1CbUFNQm9nTVRDTnZYMlIwUUNCZ0FMZWpHZ3o0eUEzTmlNYUlERXdqYjE5a2RFQWtZQUMzb3hvTS1NZ056WWpHaUF3NEl4SlNWR2hBTEdBSXQBhvBpQUxvRENVRk5VekU2TkRRd01lQURteTJBQlAyUm9BZUlCT3VndmdlUUJBR1lCQUd5QkFvSTBQVG5DUkNPMVlRTnNnUUtDSnZwdEF3UWp0V0VEYm9FR2dpZUNSR2FtWm1abVpuSlB4a0FBQQVuMEFBQ0NiNmJRTXdRU2EVIAg4a0UNHiRBQUFEWUJBRHhCAQsNAURnZ1VjQ0xETUpSQUNHQUlpQUMdUAxERXpNBQJkUERQNGdGc1NLUUJieU5UNWdGbXFyV2Zxa0YNRxhBOEQteEJREQ4QQUF3UVUVDQRRTS4oAARfUi4oAAAyDSjIM1hqUVAtQUZ3NW9FOEFXQWtia0gtQVdqai1BQmdnWURSMEpRaUFZQWtBWUJtQVlBb1FZGWAgS2dHQkxJR0pBHbwAQh33BEJrFSwEQUMdGEBMZ0dDZy4umgLBASEtUno5Qj7pAihKalRXeUFBS0FBeBVCCEVBNjLVAUBVQ2JMVWtUU2ZReWl1WG5QMR1hAEYdeQRHRzmVADIdGABIHTAUSGdBZ2dFmpEBAGs1yPD9OEQ4LtgC9RDgAsTNHuoCO2h0dHA6Ly9iZXR3ZWVudXNwYXJlbnRzLmNvbS9jaHJpc3RtYXMtc2NhdmVuZ2VyLWh1bnQtY2x1ZXMvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDw76SAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA05MS4yMzguODIuMTU1qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDTk3NyNBTVMxOjQ0MDHaBAIIAeAEAfAEhu7YnAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAABELDYBQHgBQHwBSf6BQQIABAAkAYAmAYAogYOMjg1NCNBTVMxOjQxNzO4BgDBBgABMSwA8D_QBuUC2gYWChAFEB0BWBAAGADgBgHyBnIIvI1PEmxNQklCTmswQQLYREFBa0NCUUVJdGRIMEJ4RFI2dGdDR0lyMmlnTWdCeWdBUUtQUGpnZEloZFcxQjFDYkxWak5JSDrjAZXgDEFBQUmtIEhKb0JBZ2dBgAcBiAcAoAcBugcPAclMGAAgADAAOL0GQADIB_v4AtIHDQkJqwQuQAGoCNoHBgknROAHAOoHAggA8Af_4gKKCAIQAA..&s=aa03bb4b5ab28896bb013e0f5fa233c0ef5d379a&type=nv&nvt=7&jm=1003|1030&sid=2310247651828630779&vd=ct~0|rr~319|dm~0&sv=222&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=13079169&cid=3&cr=nv&pd=0.02&d=0.17&id=0&ic=0&d0=0&d25=0&d50=0&d75=0&d100=0&ft=3
Domain
data00.adlooxtracking.com
URL
https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D12%26scriptname%3Dadl_68%26tagid%3D1233%26typejs%3Dtvaf%26fwtype%3D2%26creatype%3D2%26targetelt%3D%26custom2area%3D0%26custom2sec%3D0%22%7D&adloox_io=1&client=affectv&campagne=68&banniere=0&visite_id=53757303458&seq=1&timezone=0&js=tfav_adl_68.js&date_regen=2021-12-14%2010%3A09%3A49&plat=12&tagid=1233&fw=log&version=2&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1190210&id2=265655578&id3=328611590&id4=320x50&id5=13079169&id6=3671971&id7=2854&id8=15616128&id9=8808822811383001847&id10=6224100&id12=%24ADLOOX_WEBSITE&id13=6577755767712387454&id20=614b730&p_d=0.439&d5=1312%2C1650%2C1650%2C0%2C0%2C1650%2C1650%2C1750%2C1750%2C0&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=%40https%3A%2F%2F822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&iframe=1&fake=010000&resolution=1600x1200&nav_lang=en-US&debug=4%3A%20old_browser.uri_courant&url_referrer=https%3A%2F%2F822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ao=https%3A%2F%2F822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com&nb_cpu=4&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1&size=320x50&p_d_v=0&a_d=0&wasatf=0&visible=0&d9=intersection
Domain
data00.adlooxtracking.com
URL
https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D12%26scriptname%3Dadl_68%26tagid%3D1233%26typejs%3Dtvaf%26fwtype%3D2%26creatype%3D2%26targetelt%3D%26custom2area%3D0%26custom2sec%3D0%22%7D&adloox_io=1&client=affectv&campagne=68&banniere=0&visite_id=53757303458&seq=2&timezone=0&js=tfav_adl_68.js&date_regen=2021-12-14%2010%3A09%3A49&plat=12&tagid=1233&fw=log&version=2&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1190210&id2=265655578&id3=328611590&id4=320x50&id5=13079169&id6=3671971&id7=2854&id8=15616128&id9=8808822811383001847&id10=6224100&id12=%24ADLOOX_WEBSITE&id13=6577755767712387454&id20=614b730&p_d=0.44&d5=1312%2C1650%2C1650%2C0%2C0%2C1650%2C1650%2C1750%2C1750%2C0&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=%40https%3A%2F%2F822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&iframe=1&fake=010000&resolution=1600x1200&nav_lang=en-US&debug=4%3A%20old_browser.uri_courant&url_referrer=https%3A%2F%2F822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ao=https%3A%2F%2F822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com&nb_cpu=4&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1&size=320x50&p_d_v=0&a_d=0&wasatf=0&visible=0&d9=intersection
Domain
tps20519.doubleverify.com
URL
https://tps20519.doubleverify.com/bsevent.gif?impid=d2fa66e9d8bf433999e2c414674644d7&nav_pltfrm=Linux%20x86_64&cbust=1640364366568773
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsva9LYQQweHKsQ6jU16wir6IxzC6k_I_eDXoWsN5FMbZU3WNhFRpHoqaTLVK5rER3FyFSWHU5ILW50F1Gr8RjpgRTPXfZjqNBRZQA0Ssq-9yrCpFBDt&sig=Cg0ArKJSzLp7mOR9hnJPEAE&id=lidartos&mcvt=0&p=10950,260,10951,261&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=19&adk=1687252209&rs=4&la=0&cr=0&vs=3&r=u&rst=1640364364473&rpt=1116&isd=0&lsd=0&ec=0&met=ce&wmsd=0
Domain
ams1-ib.adnxs.com
URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&e=wqT_3QKHDvBMBwcAAAMA1gAFAQjL8peOBhDvh7-b1f_y4nsY9-XdjtC1zp96KjYJyshZ2NMO5j8RhWBGks_k2T8ZAAAAgOtREkAhhWBGks_k2T8pysgJJNAxAAAAQOF69D8wgaWeBjimFkDRB0gCUILu2JwBWJjTW2AAaPqJM3jr2gSAAQGKAQNVU0SSAQEG8FWYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKWAXVmKCdhJywgMzY3MTk3MSwgMTY0MDM2NDM2Myk7dWYoJ2knLCA2MjI0MTAwLCAxNjYdACxnJywgMTU2MTYxMjhGOwAscycsIDI2NTY1NTU3Sh8AAHIBdxwyODYxMTU4NjY-APC2kgLlBSFySlFJTmdpVW1vRVlFSUx1Mkp3QkdBQWdtTk5iTUFBNEFFQUFTTkVIVUlHbG5nWllBR0RQQm1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkFhZ0JBYkFCQUxrQkN5UnFoOTE0NERfQkFXSW11bGpPRHVZX3lRRUFBQUFBQUFEd1A5a0JFMG4wTW9ybDV6X2dBZVR4LXdMMUFRQUFBRUNZQWdDZ0FnRzFBZ0FBQUFDOUFnATnwgURBQWdESUFnRFFBZ0RZQWdEZ0F0dlgyUjNvQXU3LWxJNEc4Z0lEYzJJeC1BSUFnQU1CbUFNQm9nTVRDTnZYMlIwUUNCZ0FMZWpHZ3o0eUEzTmlNYUlERXdqYjE5a2RFQWtZQUMzb3hvTS1NZ056WWpHaUF3NEl4SlNWR2hBTEdBSXQBhvBpQUxvRENVRk5VekU2TXprNE5lQURteTJBQlAyUm9BZUlCT3VndmdlUUJBR1lCQUd5QkFvSTBQVG5DUkNPMVlRTnNnUUtDSnZwdEF3UWp0V0VEYm9FR2dpZUNSR2FtWm1abVpuSlB4a0FBQQVuMEFBQ0NiNmJRTXdRU2EVIAg4a0UNHiRBQUFEWUJBRHhCAQsNAURnZ1VjQ0xETUpSQUNHQUlpQUMdUAxERXpNBQJkUERQNGdGa1ItUUJieU5UNWdGbXFyV2Zxa0YNRxhBOEQteEJREQ4QQUF3UVUVDQRRTS4oAARfUi4oAAAyDSjIM1hqUVAtQUZ3NW9FOEFXQWtia0gtQVdqai1BQmdnWURSMEpRaUFZQWtBWUJtQVlBb1FZGWAgS2dHQkxJR0pBHbwAQh33BEJrFSwEQUMdGEBMZ0dDZy4umgLBASFCUjFJQz7pAihKalRXeUFBS0FBeBVCCEVBNjLVAUBVQ2JMVWtUU2ZReWl1WG5QMR1hAEYdeQRHRzmVADIdGABIHTAUSGdBZ2dFmpEBAGs1yPDQOEQ4LtgC9RDgAsTNHuoCO2h0dHA6Ly9iZXR3ZWVudXNwYXJlbnRzLmNvbS9jaHJpc3RtYXMtc2NhdmVuZ2VyLWh1bnQtY2x1ZXMvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDw76SAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA05MS4yMzguODIuMTU1qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQNOTc3I0FNUzE6Mzk4NdoEAggB4AQB8ASlWSCIBQGYBQCgBf8RARgBwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AUn-gUECAAQAJAGAJgGAKIGDjI4NTQJYSA1ODM4uAYAwQYBMDAAAPA_0AblAtoGFgoQCREZAVgQABgA4AYB8gZyCLyNTxJsUGhMUU4wMEEB2ERBQWtDQlFFSXRkSDBCeERSNnRnQ0dJcjJpZ01nQnlnQVFLUFBqZ2RJaGRXMUIxQ2JMVmpPTFg64gGV3wxBQUFJrR9ISm9CQWdnQYAHAYgHAKAHAboHDwHJSBgAIAAwADi9BkAAyAfr2gTSBw0N9QQuQAGoCNoHBgknROAHAOoHAggA8Af_4gKKCAIQAA..&s=5013a3d2ecac96b4c0ac6ffdf88e9643567e4e77&type=nv&nvt=7&jm=1003|1030&sid=2310247651828630779&vd=ct~0|rr~319|dm~0&sv=222&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=13079169&cid=3&cr=nv&pd=0.11&d=0.23&id=0&ic=0&d0=0&d25=0&d50=0&d75=0&d100=0&ft=3
Domain
data00.adlooxtracking.com
URL
https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D12%26scriptname%3Dadl_68%26tagid%3D1233%26typejs%3Dtvaf%26fwtype%3D2%26creatype%3D2%26targetelt%3D%26custom2area%3D0%26custom2sec%3D0%22%7D&adloox_io=1&client=affectv&campagne=68&banniere=0&visite_id=37786954242&seq=0&timezone=0&js=tfav_adl_68.js&date_regen=2021-12-14%2010%3A09%3A49&plat=12&tagid=1233&fw=log&version=2&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1190210&id2=265655578&id3=328611586&id4=728x90&id5=13079169&id6=3671971&id7=2854&id8=15616128&id9=8808822811383001847&id10=6224100&id12=%24ADLOOX_WEBSITE&id13=8918758925964133359&id20=614b730&p_d=0.43&d5=660%2C%2C%2C%2C%2C%2C%2C%2C1084&d3=1600x1200&d6=found-wabbit&d7=0
Domain
data00.adlooxtracking.com
URL
https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D12%26scriptname%3Dadl_68%26tagid%3D1233%26typejs%3Dtvaf%26fwtype%3D2%26creatype%3D2%26targetelt%3D%26custom2area%3D0%26custom2sec%3D0%22%7D&adloox_io=1&client=affectv&campagne=68&banniere=0&visite_id=37786954242&seq=1&timezone=0&js=tfav_adl_68.js&date_regen=2021-12-14%2010%3A09%3A49&plat=12&tagid=1233&fw=log&version=2&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1190210&id2=265655578&id3=328611586&id4=728x90&id5=13079169&id6=3671971&id7=2854&id8=15616128&id9=8808822811383001847&id10=6224100&id12=%24ADLOOX_WEBSITE&id13=8918758925964133359&id20=614b730&p_d=0.434&d5=660%2C%2C%2C%2C%2C%2C%2C%2C1084&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=%40https%3A%2F%2F822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&iframe=1&fake=010000&resolution=1600x1200&nav_lang=en-US&debug=4%3A%20old_browser.uri_courant&url_referrer=https%3A%2F%2F822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ao=https%3A%2F%2F822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com&nb_cpu=4&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1
Domain
data00.adlooxtracking.com
URL
https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D12%26scriptname%3Dadl_68%26tagid%3D1233%26typejs%3Dtvaf%26fwtype%3D2%26creatype%3D2%26targetelt%3D%26custom2area%3D0%26custom2sec%3D0%22%7D&adloox_io=1&client=affectv&campagne=68&banniere=0&visite_id=37786954242&seq=2&timezone=0&js=tfav_adl_68.js&date_regen=2021-12-14%2010%3A09%3A49&plat=12&tagid=1233&fw=log&version=2&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1190210&id2=265655578&id3=328611586&id4=728x90&id5=13079169&id6=3671971&id7=2854&id8=15616128&id9=8808822811383001847&id10=6224100&id12=%24ADLOOX_WEBSITE&id13=8918758925964133359&id20=614b730&p_d=0.435&d5=660%2C1095%2C1095%2C0%2C0%2C1095%2C1095%2C%2C1084%2C0&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=%40https%3A%2F%2F822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&iframe=1&fake=010000&resolution=1600x1200&nav_lang=en-US&debug=4%3A%20old_browser.uri_courant&url_referrer=https%3A%2F%2F822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ao=https%3A%2F%2F822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com&nb_cpu=4&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1&size=728x90&p_d_v=0&a_d=0&wasatf=0&visible=0&d9=intersection
Domain
tps20512.doubleverify.com
URL
https://tps20512.doubleverify.com/bsevent.gif?impid=aaa25483dd014007a1702cc01fe40a94&nav_pltfrm=Linux%20x86_64&cbust=1640364366736561
Domain
tps.doubleverify.com
URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=599&ttfrms=8&brid=3&brver=96.0.4664.93&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEATbpTauTau36EH66%3FFDA2C6%3FED%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEATbpTauTau36EH66%3FFDA2C6%3FED%5D4%40%3ETar9EEADTbpTauTaugaa3_e5%60d2467bb6d36%60c7heb_4g22e_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEATbpTauTau36EH66%3FFDA2C6%3FED%5D4%40%3ETau49C%3ADE%3E2D%5CD42G6%3F86C%5C9F%3FE%5C4%3DF6DTau&srcurlD=0&aUrlD=-1&ssl=https:&dfs=560&ddur=10&uid=1640364366857308&jsCallback=dvCallback_1640364366857228&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1950&tgjsver=1950&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=62&brh=2&sdf=2&dvp_epl=332&noc=4&ctx=13361095&cmp=26918589&sid=443002&plc=321648292&crt=162425502&btreg=513716717&btadsrv=doubleclick&adsrv=1&advid=8650961&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=20826865433.26834&dvp_tukv=124294243665.2491&dvp_uuid=11937497.25168121&dvp_strhd=2.3000011444091797&dvpx_strhd=2.3000011444091797&dvp_tuid=425166859906
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=314221&extuid=dH2Ms6w6ZnP5SHmJHTqJlpNPgff70xdV0QgA_y5T0kKteSHZC_t6NBGzc4YZdNBXSmNRvUyb3Y-YE1coh4E04A
Domain
acdn.adnxs.com
URL
https://acdn.adnxs.com/ast/ast.js
Domain
c.amazon-adsystem.com
URL
https://c.amazon-adsystem.com/aax2/apstag.js
Domain
sic.33across.com
URL
https://sic.33across.com/authorize?usPrivacy=&version=3.19.0&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&product=inview&userId=&lexId=&sessionId=&publisherURL=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&referrerURL=&publisherId=bDR-SEhTGr67n_aKlId8sQ&publisher=monumetric_betweenusparents.com_Pillar&maxTouchPoints=0&navigatorPropsCount=35&viewportWidth=1600&viewportHeight=1200&screenWidth=1600&screenHeight=1200&screenAvailHeight=1200&devicePixelRatio=1&scrollX=0&scrollY=0&pageVisibility=visible&pageWidth=1600&pageHeight=12156&_=1640364366920&callback=_tynt_jp.ais3lg3gf
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fbetweenusparents.com%2F&domain=betweenusparents.com&cw=1&lsw=1
Domain
id5-sync.com
URL
https://id5-sync.com/g/v2/212.json
Domain
id.crwdcntrl.net
URL
https://id.crwdcntrl.net/id
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=42254dba-a42f-47fe-90f3-3a08c2461b74&_origin=1&gdpr=1&gdpr_consent=
Domain
pixel.advertising.com
URL
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
Domain
tps20522.doubleverify.com
URL
https://tps20522.doubleverify.com/bsevent.gif?impid=9daacce5e7914247a505cca457a634d3&vfdur=16&cbust=1640364366946108
Domain
protected-by.clarium.io
URL
https://protected-by.clarium.io/log
Domain
c.evidon.com
URL
https://c.evidon.com/geo/ba.js?r211116
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Domain
cdn.jsdelivr.net
URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
protected-by.clarium.io
URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0L2FwcG5leHVzQXN0OjMyMHg1MA==&v=5&s=v31fnmlbn9a&id=eyJkZnAiOnsiYWQiOjM5MDYyNDk2LCJjIjo2MjQ5MDcwODMzNiwibCI6ODc0NTk5MzYsIm8iOjIwMzk2NDkzNiwiQSI6Ii8yMDg0MjU3NiwyMjUxODgyNjcwMi9FTUwwMk0vRU1MMDJNLURETC5HIiwieSI6MCwiY28iOjAsInMiOiJtbXQtYmlhY2RzaWQtZjJpYy1qaXRiLWttaWwtaWN0b2FtdHR0aHRjLjcifX0%3D&sb=undefined&cb=6451047&h=betweenusparents.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEwyRndjRzVsZUhWelFYTjBPak15TUhnMU1BPT0iLCJ3ZCI6eyJrLmhiX2JpZGRlciI6ImFwcG5leHVzQXN0Iiwiay5oYl9zaXplIjoiMzIweDUwIn0sIndyIjo0MH0=
Domain
ic.tynt.com
URL
https://ic.tynt.com/b/p?id=bDR-SEhTGr67n_aKlId8sQ&lm=6&ts=1640364366021&dn=RCIV&iso=0&img=https%3A%2F%2Fi0.wp.com%2Fbetweenusparents.com%2Fwp-content%2Fuploads%2F2018%2F12%2FChristmas-Scavenger-Hunt-Clues.jpg%3Ffit%3D1280%252C853&t=70%20Printable%20Christmas%20scavenger%20hunt%20clues%20-%20Between%20Us%20Parents
Domain
adservice.google.co.uk
URL
https://adservice.google.co.uk/adsid/integrator.js?domain=betweenusparents.com
Domain
adservice.google.com
URL
https://adservice.google.com/adsid/integrator.js?domain=betweenusparents.com
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=457746276947931&correlator=2087766517369798&output=ldjh&impl=fifs&eid=31060437%2C31060979%2C31063378%2C31061030%2C31061166%2C31063246&vrg=2021120601&ptt=17&sc=0&sfv=1-0-38&ecs=20211224&iu_parts=20842576%3A22518826702%2CEML02M%2CEML02M-DDS.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&ris=3&rcs=1&prev_scp=pos%3D1%26monu%3D300x250-160x600-300x600_A1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3D7cc16481-2a1b-44e1-a4db-57696ba4266d%26monu_df%3D0.40%26safeframe%3Dtrue%26hb_size%3D300x250%26hb_adid%3D7246024fd3971287%26hb_bidder%3DappnexusAst%26hard_adx_floor%3D0.15%26big4%3Dfalse%26confiant_refresh%3Dtrue&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3Dd1824c8a8a4d6968%3AT%3D1640364363%3AS%3DALNI_Ma9WyJ-zUXg8kxQWjEbOkKaqKOljA&bc=23&abxe=1&lmt=1640364367&dt=1640364367185&dlt=1640364360242&idt=976&frm=20&biw=1600&bih=1200&oid=2&adxs=1040&adys=897&adks=276319871&ucis=f&ifi=22&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H89LnWL9-Hc45BnaBpGXzmgn5lc7Q4euCgLllrQQa4ucXqdEdz8YTZ2tNsIDzXq2l0SkIx3X3z7Ed3iRh3Zxg%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9FkmLWo93--zzAR3pbnsWbDk8rZM8NT-zq7utYGG04TK9eSBg4LJiPvEqu0I9H6lRVTt5wESvSmHWxa6RGJg%2CAGkb-H-IYRoTkUlpVEqgu3oCJfUoZau-WrGME8k1g05yfEbUUk7DnFaEiOWjb67c-t19WeIqjGdtlGTemEVzcl6I5A0&ga_vid=1792763845.1640364361&ga_sid=1640364363&ga_hid=1664650026&ga_fc=true&fws=4&ohw=300&btvi=0&nvt=1
Domain
ams1-ib.adnxs.com
URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fbetweenusparents.com%2Fchristmas-scavenger-hunt-clues%2F&e=wqT_3QKJDvBMCQcAAAMA1gAFAQjL8peOBhCnlPbbjpHZrAYY9-XdjtC1zp96KjYJyshZ2NMO5j8RhWBGks_k2T8ZAAAAgOtREkAhhWBGks_k2T8pysgJJNAxAAAAQOF69D8wgaWeBjimFkDRB0gCUIHu2JwBWJjTW2AAaPqJM3jc7AOAAQGKAQNVU0SSAQEG8EOYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDM2NzE5NzEsIDE2NDAzNjQzNjMpOwEdLGknLCA2MjI0MTAwLEIdACxnJywgMTU2MTYxMjhGHgAscycsIDI2NTY1NTU3Sh8AMHInLCAzMjg2MTE1ODU2PgDwtpIC5QUheEpTM1BBaVVtb0VZRUlIdTJKd0JHQUFnbU5OYk1BQTRBRUFBU05FSFVJR2xuZ1pZQUdEUEJtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBYWdCQWJBQkFMa0JDeVJxaDkxNDREX0JBV0ltdWxqT0R1WV95UUVBQUFBQUFBRHdQOWtCRTBuME1vcmw1el9nQWVUeC13TDFBUUFBQUVDWUFnQ2dBZ0cxQWdBQUFBQzlBZwE58IFEQUFnRElBZ0RRQWdEWUFnRGdBdHZYMlIzb0F1Ny1sSTRHOGdJRGMySXgtQUlBZ0FNQm1BTUJvZ01UQ052WDJSMFFDQmdBTGVqR2d6NHlBM05pTWFJREV3amIxOWtkRUFrWUFDM294b00tTWdOellqR2lBdzRJeEpTVkdoQUxHQUl0AYbwaUFMb0RDVUZOVXpFNk5UZ3dNT0FEbXkyQUJQMlJvQWVJQk91Z3ZnZVFCQUdZQkFHeUJBb0kwUFRuQ1JDTzFZUU5zZ1FLQ0p2cHRBd1FqdFdFRGJvRUdnaWVDUkdhbVptWm1abkpQeGtBQUEFbjBBQUNDYjZiUU13UVNhFSAIOGtFDR4kQUFBRFlCQUR4QgELDQFEZ2dVY0NMRE1KUkFDR0FJaUFDHVAMREV6TQUCZFBEUDRnRnFDMlFCYnlOVDVnRm1xcldmcWtGDUcYQThELXhCUREOEEFBd1FVFQ0EUU0uKAAEX1IuKAAAMg0oyDNYalFQLUFGdzVvRThBV0FrYmtILUFXamotQUJnZ1lEUjBKUWlBWUFrQVlCbUFZQW9RWRlgIEtnR0JMSUdKQR28AEId9wRCaxUsBEFDHRhETGdHQ2cuLpoCwQEhLUJ3REJROukCKEpqVFd5QUFLQUF4FUIIRUE2MtUBQEVDYkxVa1RTZlF5aXVYblAxHWEARh15BEdHOZUAMh0YAEgdMBRIZ0FnZ0WakQEAazXI8P04RDgu2AL1EOACxM0e6gI7aHR0cDovL2JldHdlZW51c3BhcmVudHMuY29tL2NocmlzdG1hcy1zY2F2ZW5nZXItaHVudC1jbHVlcy-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APDvpIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTkxLjIzOC44Mi4xNTWoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQNOTc3I0FNUzE6NTgwMNoEAggB4AQB8ASB7ticAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAEQsNgFAeAFAfAFJ_oFBAgAEACQBgCYBgCiBg4yODU0I0FNUzE6NDgxNbgGAMEGAAExLADwP9AG5QLaBhYKEAUQHQFYEAAYAOAGAfIGcgi8jU8SbE54THFOazBBAthEQUFrQ0JRRUl0ZEgwQnhEUjZ0Z0NHSXIyaWdNZ0J5Z0FRS1BQamdkSWhkVzFCMUNiTFZqUEpYOuMBleAMQUFBSa0gSEpvQkFnZ0GABwGIBwCgBwG6Bw8ByUwYACAAMAA4vQZAAMgH3OwD0gcNCQmrBC5AAagI2gcGCSdE4AcA6gcCCADwB__iAooIAhAA&s=66dcaf8278606f53b2d1c6ee74f91626c4434ddd&type=nv&nvt=5&jm=1003&sid=2310247651828630779&vd=ct~0|rr~0&sv=222&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=13079169&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=254&ww=300&wh=250&ft=3

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| _SHR_SETTINGS string| em_version boolean| em_track_user string| em_no_track_reason string| disableStr function| __gaTrackerIsOptedOut function| __gaTrackerOptout function| gaOptout string| GoogleAnalyticsObject function| __gaTracker function| ga object| _wpemojiSettings object| webpackChunkpublisher_sdk function| Shareaholic object| exactmetrics_frontend function| ExactMetrics object| ExactMetricsObject undefined| $ function| jQuery object| $MMT object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| confiantWrap string| speed boolean| loaded function| mainrun function| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| ifvisible function| inView object| apstag function| bret function| cash function| pagespeed boolean| publisherConfigLoaded number| PIN_18985 object| Gravatar object| GProfile number| hexcase string| b64pad number| chrsz function| hex_md5 function| b64_md5 function| str_md5 function| hex_hmac_md5 function| b64_hmac_md5 function| str_hmac_md5 function| md5_vm_test function| core_md5 function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| core_hmac_md5 function| safe_add function| bit_rol function| str2binl function| binl2str function| binl2hex function| binl2b64 object| WPGroHo object| addComment object| wp function| Spinner object| jetpackCarouselStrings object| _stq object| jQuery112406706295600525067 string| new_css object| confiant function| st_go function| linktracker_init object| wpcom object| googletag string| ggv2id function| vglnk object| PIN_1640364361026 string| value object| key object| PinUtils object| __connect object| headertag boolean| apstagLOADED object| ats boolean| creativeVendorLibraryLoaded object| ggevents undefined| bean object| GUMGUM object| ggeac object| google_js_reporting_queue boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16403643611706 undefined| vglnk_16403643611717 function| xDomainCookie undefined| google_measure_js_timing undefined| vglnk_16403643613289 undefined| vglnk_164036436168610 object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms boolean| isPxlSent object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent166 object| google_image_requests object| ampInaboxIframes object| ampInaboxPendingMessages object| ggData boolean| sekindoFlowingPlayerOn function| confiantDfpWrap

28 Cookies

Domain/Path Name / Value
betweenusparents.com/christmas-scavenger-hunt-clues Name: session
Value: 1a7e84d4-c2d3-4bba-90ab-997da950c905
map.go.affec.tv/map/af Name: oo
Value: 1
.betweenusparents.com/ Name: _ga
Value: GA1.2.1792763845.1640364361
.betweenusparents.com/ Name: _gid
Value: GA1.2.477571320.1640364361
.betweenusparents.com/ Name: _gat
Value: 1
betweenusparents.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
betweenusparents.com/ Name: _lr_geo_location
Value: DE
.go.sonobi.com/ Name: HAPLB5A
Value: s5610|YcX5T
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdzACEQ3JcDkYSa8DRCNeggG0fBGwtx48QFx6rhvmHaJKjYTFocZQy6uZ_Dn94038kpcRXAVFOf9dw
.gumgum.com/ Name: vst
Value: e_5f99ed0b-6af5-4079-9e88-d9eddcb25599
.adnxs.com/ Name: uuid2
Value: 8808822811383001847
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUkH8tH9XjzrhCf10BczQlrCsqEJpsYRWYPjG4jdqXvW885uKQ54CSYOAkyLEak
.adnxs.com/ Name: icu
Value: ChgIwtJIEAoYBSAFKAUwzPKXjgY4BUAFSAUQzPKXjgYYBA..
.betweenusparents.com/ Name: __gads
Value: ID=d1824c8a8a4d6968:T=1640364363:S=ALNI_Ma9WyJ-zUXg8kxQWjEbOkKaqKOljA
.casalemedia.com/ Name: CMID
Value: YcX5THQKXxJ536xCqZoe6gAA
.casalemedia.com/ Name: CMPS
Value: 5211
.spotxchange.com/ Name: audience
Value: fc168277-64d8-11ec-8c61-1a404fd50206
.casalemedia.com/ Name: CMPRO
Value: 1213
.casalemedia.com/ Name: CMST
Value: YcX5TGHF+UwA
.go.affec.tv/ Name: ck
Value: 61c5f94c3b29a20001fa7736
.go.affec.tv/ Name: oo
Value: 1
.ads.pubmatic.com/ Name: KCCH
Value: YES
.creativecdn.com/ Name: u
Value: yHjFDAosvdfRCyijbIn9
.creativecdn.com/ Name: ts
Value: 1640364365
ads.us.e-planning.net/ Name: CT
Value: 1
.go.affec.tv/ Name: pt
Value: eyJ2IjowfQ==|1640364365|8f29794ce482fb4b2e89915290ca3dadd3a5e07a

221 Console Messages

Source Level URL
Text
network error URL: https://i2.wp.com/www.chicagoparent.com/content/images/bloggerbadge_150x150.png
Message:
Failed to load resource: the server responded with a status of 404 ()
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 8)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 8)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 8)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 8)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net".
javascript error URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Message:
Access to XMLHttpRequest at 'http://api.rlcdn.com/api/identity?pid=2&rt=envelope' from origin 'http://betweenusparents.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://betweenusparents.com/christmas-scavenger-hunt-clues/
Message:
Access to XMLHttpRequest at 'http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=182762' from origin 'http://betweenusparents.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=182762
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://www.nokidhungry.org/images/NKH_Blogger_badge2.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: http://prebid.adnxs.com/pbs/v1/auction
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://ad.atdmt.com/i/img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=26918589;s.a=443002;p.a=321643894;a.a=514091335;cache=3430846741;
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://ad.atdmt.com/i/img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=26918589;s.a=443002;p.a=321648292;a.a=513716717;cache=1049407564;
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
deprecation warning (Line 3)
Message:
Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
security error URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Message:
Refused to execute script from 'https://go.affec.tv/px' because its MIME type ('image/gif') is not executable.
security error URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Message:
Refused to execute script from 'https://go.affec.tv/px' because its MIME type ('image/gif') is not executable.
other error URL: http://imasdk.googleapis.com/js/core/bridge3.493.0_en.html#goog_2137869657
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1458
Message:
Failed to load resource: the server responded with a status of 451 ()
security error URL: https://822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Message:
Refused to execute script from 'https://go.affec.tv/px' because its MIME type ('image/gif') is not executable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

822b06d15acef33e5be14f9630c8aa60.safeframe.googlesyndication.com
acdn.adnxs.com
ad.atdmt.com
ads.adaptv.advertising.com
ads.pubmatic.com
ads.us.e-planning.net
ads.yieldmo.com
ads3.admatic.com.tr
adservice.google.co.uk
adservice.google.com
adx.adform.net
ams1-ib.adnxs.com
analytics.shareaholic.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
api.viglink.com
as-sec.casalemedia.com
assets.pinterest.com
ats.rlcdn.com
badge.clevergirlscollective.com
betweenusparents.com
bloggernetwork-d.openx.net
btlr.sharethrough.com
c.amazon-adsystem.com
c.evidon.com
c0.wp.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn-sic.33across.com
cdn.admatic.com.tr
cdn.adnxs.com
cdn.ampproject.org
cdn.districtm.io
cdn.doubleverify.com
cdn.jsdelivr.net
cdn.shareaholic.net
cdn.tynt.com
cdn.viglink.com
cm.adform.net
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
contextual.media.net
csync.loopme.me
data00.adlooxtracking.com
de.tynt.com
display.bfmio.com
dmx.districtm.io
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.privacymanager.io
get.s-onetag.com
go.affec.tv
go.shareaholic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
ic.tynt.com
id.crwdcntrl.net
id5-sync.com
ih.adscale.de
image6.pubmatic.com
imasdk.googleapis.com
imps.monu.delivery
ipwatch.monu.delivery
j.adlooxtracking.com
js-sec.indexww.com
js.adscale.de
js.gumgum.com
live.primis.tech
log.pinterest.com
m9m6e2w5.stackpathcdn.com
map.go.affec.tv
match.adsrvr.org
monu.delivery
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
partner.shareaholic.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.wp.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.adnxs.com
prebid.media.net
protected-by.clarium.io
reachms.bfmio.com
recs.shareaholic.com
rtb0.doubleverify.com
rtbcdn.doubleverify.com
s.console.adtarget.com.tr
s0.2mdn.net
s3.amazonaws.com
sc.tynt.com
search.spotxchange.com
secure.adnxs.com
secure.gravatar.com
securepubads.g.doubleclick.net
sic.33across.com
signal-beacon.s-onetag.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
stats.wp.com
sync-tm.everesttech.net
sync.bfmio.com
sync.console.adtarget.com.tr
sync.search.spotxchange.com
tpc.googlesyndication.com
tps.doubleverify.com
tps20512.doubleverify.com
tps20519.doubleverify.com
tps20522.doubleverify.com
tracking.m6r.eu
u.openx.net
ups.analytics.yahoo.com
video.primis.tech
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.nokidhungry.org
www.shareaholic.net
x.bidswitch.net
acdn.adnxs.com
ad.atdmt.com
adservice.google.co.uk
adservice.google.com
ams1-ib.adnxs.com
api.rlcdn.com
c.amazon-adsystem.com
c.evidon.com
cdn.jsdelivr.net
cm.g.doubleclick.net
data00.adlooxtracking.com
gum.criteo.com
ic.tynt.com
id.crwdcntrl.net
id5-sync.com
match.adsrvr.org
pagead2.googlesyndication.com
pixel.advertising.com
protected-by.clarium.io
securepubads.g.doubleclick.net
sic.33across.com
sync-tm.everesttech.net
sync.console.adtarget.com.tr
tpc.googlesyndication.com
tps.doubleverify.com
tps20512.doubleverify.com
tps20519.doubleverify.com
tps20522.doubleverify.com
ups.analytics.yahoo.com
www.googletagservices.com
104.111.244.187
104.16.190.66
104.18.15.222
104.18.29.199
107.20.147.136
142.250.184.194
142.250.185.98
142.250.186.66
143.204.95.188
143.204.98.101
143.204.98.116
143.204.98.125
143.204.98.39
143.204.98.60
143.204.98.71
147.75.61.140
149.47.142.178
15.197.193.217
151.101.1.194
151.101.128.84
151.101.193.108
151.139.128.11
178.162.133.150
18.156.195.47
18.157.100.237
18.157.95.55
18.159.117.129
184.73.100.94
185.220.204.135
185.33.220.145
185.33.221.90
185.64.189.112
185.64.190.78
185.86.138.119
185.94.180.124
185.94.180.125
188.132.147.236
192.0.76.3
192.0.77.2
192.0.77.37
2.18.232.130
2.18.233.180
2.18.234.21
2.18.235.93
204.154.110.87
213.254.244.17
23.37.38.181
23.37.42.132
23.88.75.189
2600:1901:0:333a::
2600:9000:2156:a000:f:4f64:8940:93a1
2606:4700::6810:5714
2606:4700::6810:a00d
2620:12a:8000::4
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::2006
2a01:7e01:1::ac69:92e7
2a02:2638:1::13
2a02:26f0:6c00:28e::1931
2a02:26f0:6c00:2b2::4469
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:fa87:fffe::c000:4902
2a0c:5c81:5095:0:225:90ff:fefa:245d
34.107.148.139
34.120.133.55
34.149.20.76
34.204.113.242
34.209.120.242
34.226.111.203
34.231.31.218
34.236.58.25
34.243.64.153
35.186.236.140
35.244.159.8
37.157.6.242
37.157.6.247
37.157.6.251
37.252.161.190
37.59.24.120
5.178.65.246
52.208.210.171
52.216.205.245
52.29.20.215
52.57.255.59
52.58.196.21
54.217.255.32
54.224.34.198
54.228.180.49
54.36.109.47
54.77.120.81
63.250.60.65
67.202.105.21
67.202.105.31
67.202.105.33
69.173.144.139
72.251.244.142
72.251.249.13
76.223.111.18
89.187.169.47
0239265830fa66f740aba2cefea1776aee9be19c115af74bf4de949dee022982
02b7edf18c0754e14712a4ea00963c5e23fcfb0314afc36bd39914ba666b3953
031270269b1a9578af2a16f208cd63ef1397327c3ffc2f59bcf6324c5ee9a2e6
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
055150560f7bef9d38fac4b5e9773663e1877186eb90fb7ced1c73b286b50497
05fa8406ce3b494e305c990796980678bf57aafe72f5e785a3905bd34af1d7a4
064c0ed336c490126870df89bbed33d1ffb5df27fb6e8b6e29108de23aa2bb93
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d46b268808dd72fab2fd92db6a639f8c5e508d4789da20c3cefe518d1ac2b3
0876851e1dbc04e47be8ea656082399e610a7c0048064ee713733e4d42cfa36c
088d5e2f1bb43476683144a003fe0b96155a4431265f297144895ff4bfdb2d83
08ec332c446e727696ff53c4c9ee2f3f5f605ce5672021e9691f89bd12c02f43
0b9152dd9853ac91a5efa3ba049786a28395a776555fd9890b5a489dc7d5c327
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c08815f5e74c5477b25c5303f3b512b5c04ccf403e41e319c29cb5243fce5f8
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
0f4ca0e8e23c46d1e74cec2d65bfc99f0dab8a0db5a95ef8fea414b0bbc12667
0fb97e0017348346196e720448bf05215465a6e8ab745614d953bbbcf1714e0c
1073e40c10d64d065b1ea031484d3043142b29c1c8afaaeaab3e999d49f9d4c1
1105120f0de312b0218a89aabec2db4cae24cd13db34c3b4bc9ffcfd0594d1ff
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
11624b408a26fc5bea30f65994392989dc97fec4c2fad3d3e8bac50af6e6deac
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
1221390ef78227431d02a340db131a202d5b699399207ddf694b36dbf8657305
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13325969b4748b2ffc0dd81a00dd32eda9bb54a9f9edc0d5309f7bc1ebf7578c
134f4a39b11972e436ad81464caa48cf07310f1d14e4397a763c4b30782ea3bf
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0
13bed15444422153b6c1e43fac73effc9295d3eb29fb2ae6326f87ca02f9b44b
13d26038ec762766f7958ed656eec65150e1661669694712cd6b949c2cf205a3
1475908bdd082cec6ce68fc662609fdff916205ff566ded78cabfa2837d3fc01
152ff334768ffe76eeecf243a378805a80b1b7ac6da170c6dbe62150fa65df5a
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
15af68248463993d7469dd7c5ab921b77acb43b1dedd26ca7bf9884586ba9370
15c5d10595df7298592fc4f50f5f4d5b642ed64078e0ff879ab47b26217868de
162abdf70510a7742c5dc313440ad7fe35a7ef80c420f1861d14558d19b8519d
1730dab7f2b9e2dcf7266e03e1d5f840b14e4d0230322887c86609461c9de22d
179d3c5f2d03bac5b9ec63e8f91d78d5bb68435f20de4ce30668b8990ad3f8e8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18928d9c25235f8ef57b517f57ab98184a51c0ffdeb7fb79f1f6bdc8507058d2
19ab89ebe654c9839c7832cb2a3758f1386634b62498c5db6e1afcf87a284824
1a0b51af7ff79f11c0a779bf478304fa451ac5587675952b8378b47f0a97504d
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1c288085eed1269e213db44c857785da69dcff137cd941d12985b310ced1d6c4
1c40ff524160915c634c9c4d52c18c19dac8acf14dd57568860cf335fd30cc37
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7
1d1705a6c6b4d4abc8e96bc116bf18da3c52da9025ed2fec99283e4325237c8c
1d2edfe4b9da6657460275a1e6ed9d7e114848f0b531ff229774a2dc92a60faf
1d5da30c6223fdee5615e3a744a1e510ebf0f3a88860073d42eec18487b3a8a1
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e1a24f07883dd3da59de6b79db360b626648bd3b8b83cffe1112e9b9f8cf1df
1e74c0447e97c86622071e7ef01ce35bc75128e1fa54dc00f5e425ae363e306b
1f0c3506df8425231e561ea7caa9fb65452e170f397e8b6c1c255595e6df58ed
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1f932f6b67da2b8fd660807f4ba5945669d07d155c284c4544ab4c6ecd2adaf0
2057502b583ab161950057af53de93840108a1ec56b0f44f4e4dbba8d885cb61
20d671a8c412160715b7e87a8176bdacd4e1a24844da243e4330a479a1a50a5a
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
21e444926ee2b1297a9888fe081f196a640763626243aa07b80ff171049e7a8c
222ccc320d76314b189ce4d71f14f40861354d0bec2e4209fe52a8ce2e59edbd
22626479c38c845a4cf3ad476133c34ff496d2c94e72f201be28c904347f2fd1
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
22c1bc19a8d31d025d5e765449483e3c25c322c0400d91ba295d5f5c735c6e56
22f555d989081e31d8279fce275b539ca0d1cef361b6904e39d87b5c50944d02
23375fd2e0c63e3d79d1e26c31e908a63310221ff8c10e5b7bafb71ae478f555
2411f7a1ebce2ff323482c4ebfa07f0efa67319658db9b60398047b5cb2b49fb
25b6a2563949e830adfabf1deea1d04761bbe569fcfd9d485cb18a44dd5050b9
26873785c8abcd72a8981e4eaf6bba59cb34de72dc062610ec339ed5c0ebcc26
26c53ad70011c906c3b259f9363cfe8a9c591610a83f8355ca40f14aeb669e30
273a3d0a407eade0e671bb66687373418ff3d68149d18ef464869531838ef398
28e34be86c660348a5db6f0fabfcad20e5398af321c9326b20a388f77079edcc
29133ee25af49e630ac7ef6ba2d114adeac2392a1cbcc8e15189baf3c792a6ae
291b54acb16c4e0c5d589617d8b7b847f9971989ced9e806dfe346f81fa91d15
2adcd871bf4a8ecfdcc6e09b2f313191e27da13bc947fb1723ac40f51539247b
2be99b99f418219be8ca7a986038e1a94c5df5b2c91a0c0d9ee35552fbb8fde8
2bef99721b2f9c5862129466fc4d9dc52a57df852f65c24ce33a04b6a2f02cf1
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2dbdcfc8f68aee1155a4b9db2811001378b0e65de4d0303a12a83c110d1d9414
2de99afedc23ea22e01d5c3e69bdf3e1406baa0ed873877279a44da3561335af
2e27b9cf011c3d5b006906bed6b2b64fbf0b82b2d4821f21dfdf00291c8c07be
2e6ef736b6428a85d284b42a27dd7ee1230d8ffb4623e4acb99021d361351383
2ebd8f4b206d3cc70d859e3b0c7dfb47e21f79b0d925a50a94353334e8c72e5d
2fd9efa6cbfbeed71527913f0c302c43a78c707a98654e944804124253991ed9
300513b006bdcac7a03ab8a7f35b31d2e48d1425db6a5c0dd9449ad5f91c4ca4
3164f7d13892b0728459e8f03e07e8a57eac10ae664851b94e6fb4ae12264330
319899a0d96ea568e9b56f2eb5ee65a59627a33160341ea4b720ce683546d94d
320afcd846fd83c4d68bb14ef313b1ccec7b8057fd6cf0f2cbff737b3e410ff1
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
344a67237015ca1641309e26bf89bf7ea1f11c734ebd1a361b6cba23ed6f5fef
355cd3d464ea2217f653d13f22f2ea61c9cb68d5b00c62dd7bd3803bf66a27fe
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3677b12e759113dc8a339f42c4fc71b9fd204a5a8f1bf247ab45533158882f1b
36a74661dfb652c289dd3bdccf3c31dc9ba453a328a4318aa72a34f1454f0842
36ad0edaf88cb19e7cbdae22470c1f124f02fd5673bf6144c0a7a9f0a8fef987
36ba17ec4474602da122b82be83d10d532c0d23e6723b4f1e6d6709f60d889e7
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
36f581da449105ad2ab26be82e5835c47644e320fbabeab5d85a11d6a861bdb7
3742b8f2006b7a23df3252c615bb113e94f77729ac9cc4b021e35517285cf0c2
37d60574228245e6373bd4655dc187316bbe21d8490b719ac4c929d8cb9de66d
387ff87f971f0f10bd049eb926686db432ccf9f91bf2e776308f841c3f3b2f24
38e87db9a8930758565336d5ba0d7e23eedc28cd2f5b0426c21ce328ea6af046
39bf6ae2c1fe2edcb6328191c1285714813de2010c65498c31ce6011ae0ca826
39c5929986ae95bf9bf917f879ac0cb89570f9280bc30ea0cda6f3ba3f987159
3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d
3bf31d3bb30bfc934b26061f68b8b95ba5487c7d715ad488270e250f2e447b33
3c3404ef68f8d1603eeddc5ae702de9cb74dc3d3c5c194f04bfaaa13089e1f65
3c36be937a3f96038abfff68f6292185305285382d2f663b2153baeeb99cc939
3c6a3720062b32bac08397d7dc97a27484f987ff7812ecd3520beaa917b1e430
3c81291fb7455862c7cbff12df735c3d3c189ab0ab48ae7a3bae7a2b85141a39
3ce4399c5078ca5cea592b3eaf5eadeb4e8e0ca168468bb5ceb3122bc83a6bbd
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3dda07d0edcd045ed13442dc2abee3491b8af1eb0b41219b332ed8cb99b9a238
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
42b873a89ce6d25a8177de17df292aba9199e5452c5569a181639cf4f1af1abd
433c31b614d13a4271cb35fb7258f2d94a63368adcbc517ba04bc80081f88dfe
434cf1b7f4e034cfcfea65613f95faeb294adcafab29da312ff4e1a684a232c3
4390b5d6e98f71a29c41b67a527d293397ab70f357092b72aba765aa3d137814
457a06b6a40857848b43dc2f8260298850df00cb7493701400d8bb6d65887295
4655e1d80abfaf8b080f20fcfb573442531f16ffdb530133d45a932782c2e218
46c1216e273616fff4850dd9092e9a7a2d5d55cec93a8a3810302208133794c2
47b49c858f971fb1069cb68025d0ddc24b7d7746b645e5b14720ecedc5f47a5b
4842e7f28ce31b8044560bb63762638d957dae394c1b18b24808a2d459886d4c
489b4b852d00689f3b493dcedab423fc0a20c670859e65c7dd3eaf5e621f4385
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49107d30d80dc946b41a979b8dc08bdc9c942c864a2d5f337f703f0a31e0a1b4
49bea52a84ecd36a5ccf8c00af4c2cb8320561914f7e67aa03cfd5cefe00e2d1
4a3ea4c45299c510e486c2169068fcb2eb0ab1d0f44a87f1a06ba77cfeaca261
4aceccfa9c85221f174b65ae2ded31c2563d5d85c3669644cd3221add7d9d3b7
4b8f230af668f20a7b50021f1edb1fac1c96cab1aa576933a2064e5d7807179b
4c4f4a5948308b4470ec82aa3a32fe663e61ad21f6b630e29e4da7d1d2a7bd9c
4d071d69e25eb8288369459a7fa77275fd654bc22f4965e50ca2e95fe63931c3
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
518e708e839e799278acc42c0b3038f39d8da6135e14d9257cb88c5c884a4f58
522ce917b093449e2aa5ba01233d679cb1a561428e512d8358096a490e226393
533c753efb6810b90dd7af1fe6fa4d028c88752f43b08fac854e56cf1d8b4214
53611d5c9362d927ccfefc1376f6f0035118615743a471861c102fc991aa2070
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a4d492b4874e54c04c38a5ce4427d467c745a7df233cf9706969cd31e7972d
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55dce838acab15b31afe77d8ae3d8da0fc171133d078d83e0712c76d7df0d4d8
55ff2324d9e568314dbbd91799e77987b1b1e6126e6bb0925d83ccdb7eb1068a
5689caaabf5a7821a72c38327365d0904e43772ce268aeaaa62469ba60462e33
57558c6f8aa03c0dada7b51fda84bad11e5613adfc9c149b62a751a8c3ecb999
57ba102c1cd662cbab6659e0b3d5a75c47d9a231a77b10ae208b5db34029c7e9
57f9d9db71a8a5cb7455d85870bbd2d2a0740f17de5cc96d2cf7b88277eacf28
58ab11705b55ff724937dec9a2460d6b4abbea21f5ea3596bc52a7c5314b46af
596a663c0ed4e23df38c2a4bfa1bdd95602b793240e938d16c19603fcd7f7dcf
59f2bb9aa5c090ee7b359a3314c042dfb6829c3ef5fcd02195349376506f724c
59f9d22d397eedf12f38f11aa3ad971573758e3d85176c74528d2be67d7a3bb0
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a8c735adc9d26ca50f4cfa7fd732798c273792cef4b88fdf96e33ba329a71d5
5aaaae2f48ace39a7a0146956234a0cc37a26677d229006d5f17d1c34b404176
5add136eafd18cc88a05d3ad7763e47691b43bfe0e8cf20fa49d01cbdfb0efba
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5bb5b1603376fd0d3c5874f56a97d2e27060dc2da0504ab45e37a1450929bebc
5be3c4ef034b36088bb735684d2cee502c5a14aaf8de05d0d9232a92bf583dd4
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5d8d1364fa8452947d3b9c9d2926903bfc5249dd398cde7a442eac03a44f024b
5d90775e7cabebc222459a96c3e28a341027639ccba9bc87be3a8e8989178d58
5d95ca9a637a2535a28c93edb01079706fb32f90412de13eb0d191eea3fe46b6
5db666a756bd79cf64d14ee3eb8e45551b62246932593fddc517fb86b40bdf7c
5df8ae955ff626c43b9f12bf6d5d7749347352e0f526122bbbaafb813c1b2907
5ea57a50e929ad31b45d64b97b8031e78130315ddd0d25b74cf7fad92939cae4
5ff2ac6c5126e32d34a2117fcf90583ea4465bccd96027f7df9cf41bbd4dd827
6064a2d6827b6c3cbd2f6487a2ccde4d2cdf64fda3d99226ed9fa4e370ed76a0
60920f471a20be5f2d464c5c12952c44a9c1cc1e0bb5f314f632914bf4e40aa7
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
6170560407b6a6f9dfc6e2aed16bf9e4a4b94555a477c8db47581570f366d1f7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62297d4671f94217dc55f32bcd0294426453e5ccd7d49c8af61de20a69f5fbe1
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
6354d55b7d57846969a1e605af74e737f4b80a16c6e1fbfff39e01024b44882e
6369981eb9ff5b8ea99d7304080f801c70949c967f424e65b61660edcddbacd9
63c3f35eed8f9fae951373f4f0642d09521b1b86c8d3a6d679047bc5440790fb
63ccbbaaef458ee36201750bbac267cfc7f4e62babfd4d7698d8bd5bb64857d9
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
660fb70b3682b3fc1462bdfd76a396fc99d1b3bdb26e56731093606b89da58bc
66706b1671d19687d86944285e4995b3b65aa7ffde6201cc4b5696df152ad85c
672cada93d9ba45aed9a8cd818e9ee918ecd00cca1149cbf4a87fb479eabaae3
67354a3f9a9e2a313f420d83cb30882d5ba4189c9d0f33adf265dc03f75c5ce7
675460a5f8ea099760c1d3f16de4fcd79b3f00cdcfc7925dc69f4ff1e8ecc974
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
69b4b250d33b0860a1f082614b027421bec0c6058a2f0e9ca684407ee0591d00
6a6c28a2bae4339f212ecd19e178a40e02a8f5cc7e40203633d6981353a0c6af
6b27080d88dbe5bce3946fc60c6e7f70a9470bc0225200a0c497650909c2cea3
6b34cdb49a6b0735d1dbabe5a0192c63f0210b516763af8bc56cbc1d554f2992
6b983380e7557b0f1e3a5c56d069194298600f7e30bd68b37c6b8b0696c5af5c
6cc221951254fce68e4f9b5858ced6be721c2d3b599dffb69b80ff80d7988df7
6d9c72f9a52306b23bb9729a6da82b25ad2095fce9af37da36d7012addd6b7be
7041ae8c944ab10e543787fb915043b98e4b59e48f30b708ac71484d18ef7a99
7106ac4056a90e6943627d4c041fca5fc4b60312211715a455f5dddf29bf108f
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
71855e26196c178330b2cfe2e5992b6c12e23293ccc83bfa4d23646e4d49da7e
71b76a7ea95ef6c061ab4674fd6728c8bfe47071f65b8d97465f4a2889487a9d
7249f74ec6b611ec2dc6ebe2f66fc3e17dd9820be875da4315f5948ed55e6fe9
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
73f21482958d69c7fb4481ea9f7741fe64be178081ef506805bd7bbd67cbff70
73f74336769f9f88ad0ebd91e59d53d0c52257b8d7f18a2ac452e976f95823ba
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7592cf123f5e180b1748949867ef1015b791e8a0cc8e16f2af82f17e73c28f03
75933255bb57864e50e41474bc6d67a2ea442d88c63dea7e4b50627d40cc0446
759345e1bf96afe2f7a50af2a3499a815c16c9dc8d6ad1d91e8f49c92e5a52e8
7652bd3ea50af7bca3ebe125415945a276d7497d1291ffc075275964f27d07f7
7696edac0ff02d22887bf931be73584c08376ffb39949302a80601cc7853a1b5
771cb04a70776414a6b2cc4eba133aa5e4f22479eb300a569f7a026188d3a15d
776b43674abbb695739f4b4265d6ee037121a4aa00a345d3cd9ade316348a032
78896aa44daa2f06b03629a5f826939da0bbc72ddcddf8a72a69679e1618acb3
78e51539affc9639b38b476b25d849ae45429c5548182c8c7a51849f9bdb84c9
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
796ea44623ba45419b7d1a78b68b94744769879fb9bf37ce2d5bc7aa33b3505d
79749f1725bf191cef4de7f1f92caa16a676b733221a74bc78af82bbc77b3dc1
79bf1fade80e179aa63b535e72d96dbee0121ba6604b9821bcee90a6413f871b
7a186213c58ac5017caeb4edb05c435f7c5c02d44b64ec0ad334a9072bff13d3
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7b6e002cd935be25fca31e427aca7bf4db21c1f9a96496ae4e1bedbebd0d2e59
7b6fc69a9da277bb118dbe07973e75598ff107f8d5c69aec6a3e0f5e6884603a
7b744aa69ff9e7baef528785345e85e1e616fe873ec6b335398a46bb3075f412
7c142e52130e32c42649db4db130aeb9b8d7a98015b74e409c8a22cb9a01be22
7c78577512199119d658239f63bdc870ef17185848d0ed1c51b6df07be6458f8
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
7dcdf6f958fb657ababd9d9dd83261671a109e411586afb522e40f5baa629777
7e9cdd2e2a904a131ae701fdf0200111c5e0b46454c3091596789032481f34d2
7ed4c35ffaf62c78abc77642ea5d7671f17db40931cf709fba9c98d3182941af
7f0c830339c4fa576c9d8c255b786655dcbf0c27937ba503b411266c60e9052a
7fc0797e09402d7d99d98e80013f4ab6070452ef0d2329d6a9a6d56eb9e1fb74
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
7fd048575f58233cb45f9dbc59f420e878cbdbe7edd530b1c8bc33763dadbdd6
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2
80da370ad41bee2716b42d1583e139eac39f5c7c243c5fe6439b9754013116c6
81d8c58bf940b231796794077239ca22893947b617d3fcce27f30d23418ea01a
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
843ca27aa5a55f23f36493f7a6c93bd16bae165e07e4be441ea45723b586eae2
845477e7b0a7a71f2a6727f1500e6323cb178ae2c7c2b9e387b81760602d4362
8566a3a9aa4846d67464f083c5e15d802e57ae06ce2fcfb590fab9cf56626fd5
857c89b90bea6b75f04b6cc7b659594ea58b72724f1c6dde3955c958d4627245
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96
85a118dbfb7e0f858842d1c3ed668a21d2989adbe851788d53fcb8dc5fabb875
85c5a8e25c75d3975061bdaca77e6470ff89888c35eabd8e42b699dc9d106a92
85f5f9df678a27769d244db0351c902dd7f6e4261b627d6fc394c6d1fd1843fa
86a32158ad55895bbc704474542b80008922047f6030c55389ad3670733bf8f7
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
88343b81dd1c646160dcf8856b77f8d7e12334fa17a9ae39c1a6958b134a1b25
8895c25de316f956b94b4281360a383afc08d0d8bdbc76d0b0150c0dbb3f85dc
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8aa69a7251cc8684c5fad51df1fdedfbfdfd9ed79fe0933a1d5a3740ddbcb680
8acbba15e34bab4737ea966169ba0614ed3769ef453a9b36d0a06e70a1b60416
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
8b9d1bca8c323d5b5374882731c304332a8bb2dc31d792a8e9a27ee62458c8a5
8bb62d2104fa270264b2e90840f69d2c77c09b7069ede39afbaa1688c56b6e41
8c265259bcadc1dd148f82197683f2b1a8e6c52cea11b6fea8c8103482a51341
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8caa41181719668f38d34e7c3f8ae71698228912433c51a769784e6e9c34113b
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec
8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693
8f453e18314644b56d48f00b14eb7ed01593cb5e0da024a651d5ec7f7bd0d69c
8fdce66b70f54f2f77fcbeac7fad0aa6c9d2e0e578aabb164eb8a630ec6e260b
90b9fd568f8bc1ec18d18cc03b478a658e73a1f5d654122a18699035c878ecca
920d09f9d2f69e5504ab36939220d6c7282bfdcbb2fe952246de75ac78ed4e34
92492a41ed7dbc02f64b8f399adef0bc87063f9011ea0dcf397d19a8d484bfa7
934f9725e21d9493df8a25323111289b3d7e43e6475503a53b48911373a7b830
93cf73d27640f5b49e2094b5dd58b2d23d596aa5f071605207600ea8fee1d126
9418cc4ca2584494c85065ff0bd5bf5ab4d32353975b6acf3a795991dd46cb79
95635ac34d5e549cc7689659b11befd5be4c9e3063b2e4ddd8d0dcdebdd4ee71
957ad0b51445cc8397e42d7d7350d9006b4aaa7e96a73e5d04b899a78175e357
958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5
96215c4a18982853f076db794ca4dc3bf7f34d905c440eac6ee30749112356b4
9804b9cd45ae9b855d303fd63da5adef449d5e3c2e1b9d8fb353f9bf671153e5
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9a99b6941501fdd27cf1995b5a9420cfcb750edccaceddef7c8646426088b6aa
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b07ac829b023f6a398f3793a1793fed5bf57e25771a810e5c0330db21be0267
9b5b9b8b1984a7b55656ca3d243deb436e049467353f6e61e73ac8bd0ab2a636
9dd1db00ed32d1cf4187f2ae448791d5c1f1478521cf9fa6ac2c63d65f0c6cfe
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9f266a9def0f19fb353c85c8b89513b53731c2fd85f652683f6be72c32a810d8
9f287771fa942efe6f1945f2534c1cd49fc7cbd801d626bce7b3fd2258d79406
9fd0576ad63d5642f5f52adf03b5069bba3bd76fdc3159f16897a2914dada91a
a005c1ff0128fc658e07021b7500e84f325672fbe4609097d12e7ffb93dacdbf
a0272bf2d60c50aa9754707c18af7fe5c85c61d48e341b1390c5d16a992bb34b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09cf3b06f22871101d2517ff8854a6cefe273fa639604986bc8e31ff5c9fc29
a0d4d04ec02dfd8db90e759968d78ffb3c440f8e32201f0e036996ab7c3d765d
a0f0617da27f556eac8efd0e6eac1eed988b185a0c61131680b71e99d9964329
a16a3a9d77c48b5c062e5e7231e981d76bbfbb94efedf1b2e62147221bf7c1c9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1f7910c9be1a7cc9693e60d2ac942a78787cafd74afb48a61f11ef8a312127f
a2658798adfed822f370926f024d5add17a42fd6fc67aba4f4827a1228341cd7
a278daa12674de83cab5e91a656f4f81eb87daceddf8908dcdc477d3adc31e81
a29a79b90753a2605bd446ada085ff9f8f79bfd68a2ec03525e3422f6e36f4bb
a2a7cd5ee9d2f2a65567ec3d8e91e173792c166a078d9f6c2426ae86600db738
a2ae287ba167d66581280eccd886dc293447003433980727d12a54c42e8d05ca
a2ded8f5f016768fa773cb7131a8e3ef594771bfbec40feca773084d30e994c5
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a3a929b533bc038ad387ba900a81dc1d747b9b3d740f83892828f77ce738c937
a40b8f6c536a8e0e9a1af16b2d12fec58dae900c1771bc2e818d453684691df3
a40c136fa81abe6e9476e23b94707864d74dec22ff5a89f845a526dbc7b63074
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5307da44321773c9f46b34d756dcbd6cd427238e5cbad91cd2cf151513ec283
a5cedf99914432d9e4ee9a1a34a25e36dd15e3b631790105bd70af261c7d7126
a6166b43f3116efe4dac4d58b45e93c3309c61b74117711ccb228cc5b5ab1d0a
a6b95448ad5da4f2add248b97f25bd527b5b02729f55dea4833f6ac0e300b55e
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a74e6b08be43d979f719d60ffeca980eecdfc4b0a41c38e8a2632d5be1bac03e
a8107d0c473dd70c3458cd6904f08e68aa25855fe8a5422f6481b8dfc7e65cad
a82ec4524bfee833eb193ef4ddf6553d662db74a605c5220e5734e83681af493
a9003fb8ab07ef488cd83fcfbde38b52680f2a6781e6ab5b9bb3e245dd8f2593
a9261574e7afe310f6aad5c96c0fddd7a080e71839332d620348e98d0badcc14
a99e88d1f562c3cd7fd90a5ba93cc2850d801f988fddf5701849e6c749fe368e
abf7b6220017b2b8b173d44786853bbae9b6fb6df261708ffff41bd63099a90a
ad6949020be6605212d06fbeac686048ea3c42b50f2e45f44301ef97107be6f7
ae29007844b48d940c7ff7e2b9159554e07d524efef6a651816d7c5555a03415
ae79041f22125a201bb709023b3bf033038edfce4856776ff660b772ca8b8984
aeb40c559d97e7bbb79841388a3b9a371c1d23ad07f69499ffd0f4625c35ec61
af045ddad6d6746a971b0908fa6d5383579b5f4e7ae15b2c88325b9dd18352d6
af058bc0a949d80a2234f297e983e6fb3438a7f360daf4cdecd3d717ce047ea7
b0feea714c1dbdac5aa7b7ec657cebb69aeda9e16cc4d9e40d0c9d8e6a3737b4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
b1a93bf2b33e4d3478aa607391941539ea26bd2ff63aea0bf4982df05b086baa
b2dad57b4bbee0e3acf68a51d891eec1769bac308896552b379f61c64d4c6705
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b386f0c0e5ba10b71f099049338e05d280dcf3702a2c44d1a7281edf9baad0e8
b3b228fefa0268a34d7a606be22240d48600e19ea3d19f0550a3e0b31a4e3a7c
b43a6c25f04d280651504500fc56d64e4c67a42e65d5727b460a297638a02bae
b555e4162955083ccdb00bbf92c05852809427f27c1a1cfe60a68f871f3c5df1
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b6e3b75adecdf92df127c079a7ea334ac6cfee55cadf923a7a76f722f5027582
b6eb465f0a27e3867eb23b5f8849bb136baf5d0ee9436ed42f87ea252476ed99
b7720575a05b688ffb57d60c6bd72e4c4849fe39556ac5841fee965adc47f2c8
b7a4a48c83065cd79074a51a7df1d19a748cbb2885e6690586f604d8c7e46e0f
b84677c9d507861ede2db86349957b3fff926d3857fb11595ab96d8866314798
b946d3e2e4585fed46db1f41d3c5d6ff1f13032624a84d9bb16b3cfeaa1b7b0e
b97c7fe54f0dcdc1dbc7618f3f370421b2e994612c43552d8c70dd7fe980d04b
b9e5c0ac714ba95a1af9a6c1bcf5ff348becb5c7a5b1f086b38f6ba74cb0b82f
bad1465fcd0be46ca6505e3ff6d0ec3d4cbc616a560b1f79565e139e79caf5d2
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb716a2064d821694e431a47f1538c0abf1dc85e0aa9736c3c2eed7fe43ae359
bc4490edb01346a004a09322c7b1cbaf982a7744e50fc8d8c48e760104c421c7
bdc89899be795c6eb99046f44bd35909c1214c2d828f7a4e6609db4026780fa1
bea32d7c8d521f5288bb3b66d031e6ca9d753d5a912bb3166602157fb3bfa65c
c1059d522f4c639f77427fa309b77d7c5f02e42a44d45e2edc5113394cb51822
c12506f406a41aed9677c5db2ec682de384c089037cf99d72eb4119dedf8e517
c17b5073d5de58fe2881a9238c1388b6b4c6a01d705455cc815bb8e83e18dae2
c1cfa5c2bce904bfc524754a954d2e062c703777ab704134dc5f619dca1e40af
c2e120be308cba4e8e6b19b319499ac913447d5e17bbcf7b5c738eadefa4f6ab
c369b1eba8cc4965a8b212c38aaf449d108772d24186d799a225b8310e0c28bc
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c46f266191f9429ac1792fcb91750961bef967e5dcc4ccf83ba72315ada42fd5
c50161ef39819d58bc2b53b4dc734e7cae2acdc1fea56debadabb6a851e53939
c52a2bdb9275f3936640bb91e5708c5c57d71af482499e1285ae1178c1a918fd
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c5ae3c80d270af9693593899b0f110abe01f766c2f74587a8b4cfd152f0022b8
c62960b5051246e040079073dd0ca57db0e0f7c92bc7273a0f596b4d31bc3bb7
c737bbdffc6cd9d60ce00408376f91d1191883b9363ee55faf8c8d23d4957dc8
c767b952411b2de227dcbf0c0b1ded42daaef23d5a5fd05532509c2225ce641f
c7aa2a4cf81f73b9065481e8308b4893ae7c3a2d679d9eee094c75c8dfa0572a
c87c4841f4afb812f6bc2e0a62d85acf0e7ecb6648e3b84cb5e5a0b9175b0081
c905a799c91593b68a840f7aae0bd411b7f0d2d475c8f5f5a780d54018fb61b8
c9658d89a2b75cf01eece772c4eb5ad9d49cc902d0214484c697bcb9465d8cf3
c9a57110e1e7d718a622f70b55af2e6c440e5f8a7671ef2a9205cd3b99ddadb3
cac4eb1d4f558cd015e102fcefdec3d7172b36972894001eeec882fa8e1f9c3b
cac5004f75f0d4b0862640dfc70df06eb594678703848416c4ff54a781d6914a
cae526a8ebada76eaaf65c128eea7715db5d13dcbdb5a7991d7d349ea1a02fa4
cb11995e9dd84d727cf43902d490abf1f356e97db223d1ced4a68258aba06988
cb2462733a0fd4b70f54d56880ae2becfc4e45d1b4513b60b87ee722ad985c10
cb8f7e46c65ce909baf597a773c85ad48bd7a3ff34c707a503ecfa14fd506b5b
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccbaf076fc7332638a5062d1eef76753cb6bac8c8cc5a641a9037d3dc9c0189c
cd16b81c5c418eabe8b4e37cc0a2cdc6fda1b5d75fefd73c31923c95cab40fdc
cdd20838f1fb6ff8b258ef6b23d0cb5826d6de6255868cf9fbd25492992dc817
cfbd9ff366afcbba46d312cb9bb8357c5fee66d3540591919a6c302e3f8ef77c
d018dfe8631f61492271d2c987e71f50805c4416ad0743d3fe1546aab43bf3de
d05a90038ca3c43af1c6ff1696b01886e9a416f01b727b781c79366dfd758be0
d0adf988cdda4f8e1bca95fcad9cdb6e382928628b89856eb1ce70dc1c2d8db6
d1ed8f498321acb83ed02db56fa3d3569bc26e41488b6e5143d056f3270a62e3
d2383e4d42eba639dffc88a0bbe86cf4f950ee3f9ffcb7122ce19fd46bebb988
d25675047cd3ad16cdedc3bd89438bc65df07e108d9fa48f43294d8e3b756126
d28ac56d963aaf08a01720594debb554f8bc11cdf4ea16818031679e24464196
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af
d2fbfbe4f76c7cba63ceab257e1efa4eb79fc0389b16c097dabd20c87425da91
d3e8f348bb63ba0d30a5cfc562661b7069bd14743f4227cdf5e1d93c6473bfac
d4edf6606b3b0aa156e01b221b0849218cd4e79af76680ab86faa7ebfd0b684c
d5e4b2256e6c1a6e0d31f393d0422ad333d5e71e69c0d907cd85863cbffcdf28
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d66c6469025699e50a22a7e32f94a395d26fdb5d539fb859611f22c8fd00a6fb
d676df2c266efb4ff774923f352ca0eb4c993ae1c436e51a4eaae9d9b1ad5b8d
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d7a727ba48aae5e48f785db04fd08def67876ea06039e768f37c11250e6e7bbc
d94ff5eb5215dce69f7cc97fcff07a99dbe17569c078e2cfcbcdcae6fcb832ab
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
d99d44ceba26e7cac0a527f245957aced4fdf46769e37e5e53a078703f8f0543
d9f571ac3d604da0658be58bfe77da5bc6169599a75abf70fd77f47e0280825f
da1265a4dcba7501cb548ed91e9ec150af9554b3f14de4f5719d06c4b4c40215
db80f07f22a004f3f6be6fe0c65a3b6c5b2aa9153845f865f81bc121ab4de669
dbd33f805b2e94b255c73da5fca6fe75b130b00af1a9ee3d331060b087bb604b
dc844732bd61279e509bda7247ed7fca55e5fced96db9c79eed48ca084e5ce0a
dcfc8fb7be35f4aa4e9daceb2ae7e2e43e7260ead9b4641162ce91476abd242b
dd3ee983636a0da00feb7add7fde35e10561104b091c725d4a8fa56c5379bd41
ddc0e0ef0af96566b76218ba0d4fb55848bcb01b9934d8fdd70c4ca234822cba
dde436bf81d697bc18a640514e2d83d15687437a1f16327e9948c28675bbcc3f
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64
de7bdcb93f2804e963f238713752a30a22a3a3afef6070fb78d206e6199cd353
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
df12486cc387250b561269f9354552de08b12323928ce877768bbe64d43cf033
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e33de8aba372cff7bc881ae5f384f097ca6ed770b68befe358ea1fc0361d76d3
e3a7f02da4af7a22664fa605efe91025e23439ebe5c2e0a2980251fbb8b68d91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e325f5823e73a6aa5d08ff2d47cb72e7414bdd9a61c52ef9857d92a86860db
e64e2b0edf0e658a45c9c7648cf81b5c2084c01d35199a6f40ea9cdfd9f55f8f
e6bc53436c9d91ee4207f9514e664a6b0a945582de81f72d1b04ac998918e685
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e75b349a0c2a83b5549850076aad395531efc838c345088d5eb99ef2049cae04
e7d8115f8560e36e90c3bfbf48196e63b968aa848f405bc778f44a05ecb78990
e8bed6cecdc801eb6ff79c85b80d205fc06d7923050c456ce0af0ce4ca081797
e944a6905ad9f7680bd406257baf753044f6f939a83c978799fde898c48bce2e
e9621e5be2817584425f7badf6e79ecc2da6e7ac210e60212654f461a662eeaa
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
e979c4feda0a944945f7c28de85fc81035eca16d5c6f740d5e2404b7d611ac3e
e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86
eac2e4f903e4a523223cf7007a863eb7e90dc8e4d90e788537dca78952e5294a
eb7b38a5e24f369c74e1f807ec29c55bb5c6798f78ef0625469a193b72d7a76c
ebde23f254a76d197ba48cfea4222fa814f6cac3d559b4a4678a031575c0a287
ec39926853bad00e113203e4b2a07de7b7fc7a182622901087cfa7102ef6451c
ec579027d6cfa43ab97eb2cf809fd645bc8eeef265c18a7421c8b91d5653b0e4
ecd3394fe295cf8c645fa21f81ee6255b96e660ccf4f24dc229a35c868adae1e
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ed17b1487f10dae72caa90fd6dbbf076d26862fc4a6c1193cadd7f86ad16130a
edebc841926cfe0907fdd4e4b3996ed4951cd5b00c2a6e7c5182050fb10b861c
f1209899a0cbbf58df073110347d1429e0ad4d254b584f0fff016f395a09cfff
f38bd40b9ea64f940710182569d53f35789e953c832156f4a4de95e238e6f1c4
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3ede9247c72a00c8027263b58a5f02dabbb204adede44465a02c16a8dae4ccc
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5d46cae1aa86dfd4e7be14ac5441ea7c96a61fb4312a6ec0f533a0fdc7ac8de
f61118112b14dab29b663878e2567e6fac6e03a23e551f365ddebad819214647
f6259c597a84c82a781ea1210852adcfdcb1b29936e175ffb85c6012f2456635
f7a605308d0ec77a960f93f9f46d5fbd1fb3a569a15313ad7bafe9d77040700f
f7da5fcb2e9e03855194b805494707e8c895193a199e2a7509fbea65b0a81381
f91b6ba206561a43b9649250a7925588f875cb5b875bae11d47860edfed56060
f943cf100fb64c20af07a9960cb39c4e2b21ae30c9c0b1dcc67b93667e8108af
f955c961f6a18abc329b4770519e3832400382b881aff5a1322eb32f7702a62a
f9daec46b23d5e7b6e1b5ce332014169aeb06e56b8f9bed84ef810c5bc4b2446
fa2cb772c383b1cbc315bcadd52fc3c2e49ce9a97ce6d1d83706be732994a6fb
fb8cd1d64d5ce6466b73119f01589b5a7bb7609283e6f8cc40d4bbae84d9244b
fd7655f0dd91ac92c4d1e076a3bd11b92d98428e14b40403f5f6e9d9d04ba5ea
fdc6e6370a8398f513ae7bd86fcc7468161d15ec20068cfea990c4b516579ad0
fed0bd13b52c1b20a85f0bb85a336cd3114d81882577e91436ae59f9e35a347e
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
ffc733276efc796c146eccf6bc3b111f917b8e2203d25df67884786903b64c05