urlscan.io logo urlscan.io
SecurityTrails logo

www.kanyetothe.com Open in urlscan Pro
104.16.69.82  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://kanyetothe.com/
Effective URL: https://www.kanyetothe.com/
Submission Tags: tranco_l324
Submission: On November 19 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 64 IPs in 9 countries across 52 domains to perform 337 HTTP transactions. The main IP is 104.16.69.82, located in and belongs to CLOUDFLARENET, US. The main domain is www.kanyetothe.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 20th 2021. Valid for: a year.
This is the only time www.kanyetothe.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 113 104.16.69.82 13335 (CLOUDFLAR...)
1 151.101.194.217 54113 (FASTLY)
1 143.204.98.70 16509 (AMAZON-02)
9 142.250.186.98 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.139.128.11 20446 (HIGHWINDS3)
2 4 143.204.98.125 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
1 35.190.59.101 15169 (GOOGLE)
3 2600:9000:215... 16509 (AMAZON-02)
7 52.211.196.50 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 143.204.95.188 16509 (AMAZON-02)
2 34.247.228.32 16509 (AMAZON-02)
1 34.107.148.139 15169 (GOOGLE)
3 2602:803:c003... 26667 (RUBICONPR...)
2 4 72.251.249.9 29791 (VOXEL-DOT...)
1 104.254.148.133 29990 (ASN-APPNEX)
1 23.37.38.181 16625 (AKAMAI-AS)
1 185.64.189.112 62713 (AS-PUBMATIC)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
7 27 142.250.185.130 15169 (GOOGLE)
4 9 23.218.208.246 16625 (AKAMAI-AS)
4 6 185.33.220.240 29990 (ASN-APPNEX)
2 4 54.76.254.33 16509 (AMAZON-02)
14 2a00:1450:400... 15169 (GOOGLE)
2 23.37.40.118 16625 (AKAMAI-AS)
5 142.250.185.98 15169 (GOOGLE)
2 108.128.79.28 16509 (AMAZON-02)
4 2600:9000:215... 16509 (AMAZON-02)
15 104.244.36.20 7415 (ADSAFE-1)
7 2a00:1450:400... 15169 (GOOGLE)
1 64.233.166.154 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 35.186.193.173 15169 (GOOGLE)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
2 2 35.227.252.103 15169 (GOOGLE)
2 178.162.133.149 60781 (LEASEWEB-...)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2 185.29.134.248 30419 (MEDIAMATH...)
1 1 169.50.137.182 36351 (SOFTLAYER)
1 34.96.105.8 15169 (GOOGLE)
1 1 172.105.199.172 63949 (LINODE-AP...)
2 2 13.248.245.213 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
2 35.71.131.137 16509 (AMAZON-02)
1 66.155.71.150 13768 (COGECO-PEER1)
1 1 81.222.128.216 20597 (ELTEL-AS)
5 8 69.173.144.138 26667 (RUBICONPR...)
2 2 213.19.147.45 3356 (LEVEL3)
4 172.217.18.98 15169 (GOOGLE)
1 195.216.249.67 47268 (ZANOX)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 84.200.5.215 31400 (ACCELERAT...)
1 1 46.4.41.145 24940 (HETZNER-AS)
1 82.113.101.236 6805 (TDDE-ASN1)
2 23.37.42.132 16625 (AKAMAI-AS)
1 184.30.24.22 16625 (AKAMAI-AS)
1 23.218.208.200 16625 (AKAMAI-AS)
1 198.47.127.19 62713 (AS-PUBMATIC)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 35.244.174.68 15169 (GOOGLE)
337 64
113    104.16.69.82 (None, )

ASN13335 (CLOUDFLARENET, US)
kanyetothe.com
www.kanyetothe.com
1    151.101.194.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
1    143.204.98.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-70.fra50.r.cloudfront.net
tags-cdn.deployads.com
9    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
5    2606:4700::6812:a02 (United States)

ASN13335 (CLOUDFLARENET, US)
images.platforum.cloud
1    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
s.skimresources.com
4    143.204.98.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-125.fra50.r.cloudfront.net
sb.scorecardresearch.com
3    2a00:1450:4001:801::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
2    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
3    2600:9000:2156:2a00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
7    52.211.196.50 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-196-50.eu-west-1.compute.amazonaws.com
e.deployads.com
1    2600:9000:2156:dc00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.quantcast.mgr.consensu.org
1    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
4    143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net
c.amazon-adsystem.com
2    34.247.228.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-228-32.eu-west-1.compute.amazonaws.com
c.deployads.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
3    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    104.254.148.133 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 545.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs-simple.com
1    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
20    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
17    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
11    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
27    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
9    23.218.208.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
js-sec.indexww.com
6    185.33.220.240 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
4    54.76.254.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-254-33.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
14    2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    23.37.40.118 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-40-118.deploy.static.akamaitechnologies.com
cdn.mookie1.com
5    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads4.g.doubleclick.net
2    108.128.79.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-79-28.eu-west-1.compute.amazonaws.com
beacon.krxd.net
4    2600:9000:2156:c200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
15    104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com
dt.adsafeprotected.com
7    2a00:1450:400e:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    64.233.166.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f154.1e100.net
bid.g.doubleclick.net
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    2a05:d018:d29:3605:6590:6a:1c2:7426 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
2    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    172.105.199.172 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1853-172.members.linode.com
a.c.appier.net
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
1    2a00:1450:4001:11::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r3---sn-4g5lznez.c.2mdn.net
1    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    81.222.128.216 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad16.adriver.ru
ssp.adriver.ru
8    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
4    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
ade.googlesyndication.com
1    195.216.249.67 (France)

ASN47268 (ZANOX, FR)
ad.zanox.com
1    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
2    84.200.5.215 (Germany)

ASN31400 (ACCELERATED-IT, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    46.4.41.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads2.sunbonet.de
partner.blau.de
1    82.113.101.236 (Offenbach, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.blau.de
portal.blau.de
2    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com
contextual.media.net
1    23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
Apex Domain
Subdomains		 Transfer
113 kanyetothe.com
kanyetothe.com
www.kanyetothe.com
992 KB
53 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
bid.g.doubleclick.net
316 KB
45 googlesyndication.com
pagead2.googlesyndication.com
b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
445 KB
23 adsafeprotected.com
fw.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
202 KB
16 2mdn.net
s0.2mdn.net
gcdn.2mdn.net
r3---sn-4g5lznez.c.2mdn.net
1 MB
13 rubiconproject.com
fastlane.rubiconproject.com
pixel.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
17 KB
12 gstatic.com
www.gstatic.com
csi.gstatic.com
112 KB
10 deployads.com
tags-cdn.deployads.com
e.deployads.com
c.deployads.com
161 KB
9 casalemedia.com
htlb.casalemedia.com
dsum-sec.casalemedia.com
8 KB
7 google.com
accounts.google.com
adservice.google.com
www.google.com
76 KB
6 adnxs.com
ib.adnxs.com
6 KB
6 skimresources.com
s.skimresources.com
t.skimresources.com
p.skimresources.com
r.skimresources.com
22 KB
5 platforum.cloud
images.platforum.cloud
136 KB
4 lijit.com
ap.lijit.com
2 KB
4 amazon-adsystem.com
c.amazon-adsystem.com
40 KB
4 consensu.org
quantcast.mgr.consensu.org
test.quantcast.mgr.consensu.org
106 KB
4 scorecardresearch.com
sb.scorecardresearch.com
1 KB
3 yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
2 KB
3 googletagservices.com
www.googletagservices.com
110 KB
3 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
6 KB
2 blau.de
partner.blau.de
portal.blau.de
2 KB
2 adsrvr.org
match.adsrvr.org
529 B
2 3lift.com
eb2.3lift.com
944 B
2 mathtag.com
sync.mathtag.com
1 KB
2 sonobi.com
sync.go.sonobi.com
952 B
2 openx.net
rtb.openx.net
580 B
2 ctnsnet.com
gcm.ctnsnet.com
532 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 krxd.net
beacon.krxd.net
675 B
2 mookie1.com
cdn.mookie1.com
7 KB
2 google.de
adservice.google.de
957 B
2 media.net
prebid.media.net
contextual.media.net
8 KB
2 google-analytics.com
www.google-analytics.com
20 KB
1 rlcdn.com
id.rlcdn.com
1 indexww.com
js-sec.indexww.com
1 KB
1 lead-alliance.net
www.lead-alliance.net
611 B
1 telefonica-partner.de
www.telefonica-partner.de
249 B
1 ad4m.at
as.ad4m.at
862 B
1 zanox.com
ad.zanox.com
82 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
582 B
1 1rx.io
sync.1rx.io
697 B
1 adriver.ru
ssp.adriver.ru
340 B
1 sitescout.com
pixel-sync.sitescout.com
191 B
1 quantserve.com
cms.quantserve.com
463 B
1 appier.net
a.c.appier.net
556 B
1 blismedia.com
tr.blismedia.com
141 B
1 simpli.fi
um.simpli.fi
709 B
1 adition.com
dsp.adfarm1.adition.com
584 B
1 adnxs-simple.com
ib.adnxs-simple.com
7 KB
1 unpkg.com
unpkg.com
2 KB
1 googletagmanager.com
www.googletagmanager.com
60 KB
1 speedcurve.com
cdn.speedcurve.com
6 KB
337 52
Domain Requested by
111 www.kanyetothe.com www.kanyetothe.com
27 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
20 pagead2.googlesyndication.com securepubads.g.doubleclick.net
b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
17 tpc.googlesyndication.com securepubads.g.doubleclick.net
b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
tpc.googlesyndication.com
15 dt.adsafeprotected.com b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
14 s0.2mdn.net www.kanyetothe.com
s0.2mdn.net
b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
11 googleads.g.doubleclick.net b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
www.kanyetothe.com
9 securepubads.g.doubleclick.net www.kanyetothe.com
securepubads.g.doubleclick.net
tags-cdn.deployads.com
www.googletagservices.com
8 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
7 csi.gstatic.com www.gstatic.com
7 e.deployads.com tags-cdn.deployads.com
6 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
5 googleads4.g.doubleclick.net www.kanyetothe.com
5 www.gstatic.com b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
www.gstatic.com
5 images.platforum.cloud www.kanyetothe.com
4 token.rubiconproject.com 4 redirects
4 ade.googlesyndication.com
4 pixel.rubiconproject.com 1 redirects
4 static.adsafeprotected.com b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
4 fw.adsafeprotected.com 2 redirects www.kanyetothe.com
4 b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 ap.lijit.com 2 redirects www.kanyetothe.com
4 c.amazon-adsystem.com www.kanyetothe.com
c.amazon-adsystem.com
4 sb.scorecardresearch.com 2 redirects www.kanyetothe.com
3 www.googletagservices.com securepubads.g.doubleclick.net
b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
3 fastlane.rubiconproject.com www.kanyetothe.com
3 quantcast.mgr.consensu.org tags-cdn.deployads.com
quantcast.mgr.consensu.org
3 accounts.google.com www.kanyetothe.com
2 eus.rubiconproject.com www.kanyetothe.com
eus.rubiconproject.com
2 match.adsrvr.org b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
2 eb2.3lift.com 2 redirects
2 sync.mathtag.com 2 redirects
2 www.google.com 1 redirects tpc.googlesyndication.com
2 sync.go.sonobi.com b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
2 rtb.openx.net 2 redirects
2 pr-bh.ybp.yahoo.com 2 redirects
2 gcm.ctnsnet.com 2 redirects
2 beacon.krxd.net b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
2 cdn.mookie1.com s0.2mdn.net
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 c.deployads.com tags-cdn.deployads.com
www.kanyetothe.com
2 p.skimresources.com www.kanyetothe.com
2 t.skimresources.com www.kanyetothe.com
s.skimresources.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 kanyetothe.com 2 redirects
1 id.rlcdn.com
1 ads.yahoo.com
1 image6.pubmatic.com ads.pubmatic.com
1 ads.pubmatic.com www.kanyetothe.com
1 contextual.media.net www.kanyetothe.com
1 js-sec.indexww.com www.kanyetothe.com
1 portal.blau.de
1 partner.blau.de 1 redirects
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 as.ad4m.at 1 redirects
1 ad.zanox.com
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.1rx.io 1 redirects
1 ssp.adriver.ru 1 redirects
1 pixel-sync.sitescout.com b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
1 cms.quantserve.com b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
1 r3---sn-4g5lznez.c.2mdn.net b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
1 gcdn.2mdn.net 1 redirects
1 a.c.appier.net 1 redirects
1 tr.blismedia.com b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
1 um.simpli.fi 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 s.tribalfusion.com b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 bid.g.doubleclick.net www.gstatic.com
1 hbopenbid.pubmatic.com www.kanyetothe.com
1 htlb.casalemedia.com www.kanyetothe.com
1 ib.adnxs-simple.com www.kanyetothe.com
1 prebid.media.net www.kanyetothe.com
1 unpkg.com tags-cdn.deployads.com
1 test.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 r.skimresources.com s.skimresources.com
1 s.skimresources.com www.googletagmanager.com
1 www.googletagmanager.com www.kanyetothe.com
1 tags-cdn.deployads.com www.kanyetothe.com
1 cdn.speedcurve.com www.kanyetothe.com
337 83

This site contains links to these domains. Also see Links.

Domain
www.avsforum.com
www.vwvortex.com
www.broncoevforum.com
xenforo.com
Subject Issuer Validity Valid
kanyetothe.com
Cloudflare Inc ECC CA-3		 2021-09-20 -
2022-09-19		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-12 -
2022-11-13		 a year crt.sh
*.deployads.com
Amazon		 2021-06-03 -
2022-07-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2021-09-27 -
2022-10-28		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
quantcast.mgr.consensu.org
Amazon		 2021-04-24 -
2022-05-23		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.adnxs-simple.com
GeoTrust ECC CA 2018		 2021-03-17 -
2022-03-15		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
cdn.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-01 -
2022-04-01		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.adsafeprotected.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-26 -
2022-06-17		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2021-10-25 -
2022-01-23		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.sitescout.com
RapidSSL RSA CA 2018		 2020-01-15 -
2022-02-02		 2 years crt.sh
www.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
ad.zanox.com
Thawte RSA CA 2018		 2021-07-08 -
2022-08-03		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh

This page contains 27 frames:

Primary Page: https://www.kanyetothe.com/
Frame ID: E146815F2EE2283BB95FF39AEC44BACE
Requests: 151 HTTP requests in this frame

Frame: https://www.kanyetothe.com/login/onetap
Frame ID: 40819065DF0DC82FCF2502E81CFD9383
Requests: 20 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.2947905120323824
Frame ID: 832DDB6847AD12C64E4F92332FA12BC7
Requests: 1 HTTP requests in this frame

Frame: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9283857167B4AC972A1A0F2ECC22FC60
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQq6lSY0XPhJQ_2up9kHLpEawISDZauuR1ZJj7A2Igz-2kgC8Awed94IyO-2o6BIpkdd6N5uSc-9Rb9AqOeD7BwC3ySdpp3L2FXAGZm-oR3w90ITYp6x9DPVbUeeO77tYTxRoyDhuJ2YbFPKCVWMkvSqD1aXuhmRVnWTcIizLgDb-Aa3qzSy8YBBHADAoC_ARVRcKJJG4VO8qFerx38lTChEtEpZBWCClWLIzWIIjVDnxBzQT-9Xy3AmesmeuTIwuGnIQLxX9JE2bPawFbsZjDT5L74QDAqeA5_Z_GF4T-DsLPB4Ln-UN4ovbNuUv4hqI6mSc86l-XFikG4KfA&sai=AMfl-YTW7xOwuV-nKWMxKCnCl73pReJ6tclnZbC58fvPfwlHJD20uqzFuB7sECGlZU5qkN00A_5mT_zZKQanslbB-V89JwsLr6x7Uj05kHvoEqgA8AqW9ezadtR5ssbRjS0&sig=Cg0ArKJSzPViQZvXWNVNEAE&uach_m=[UACH]&adurl=
Frame ID: E0327BA17D6184846F709F2DC143B639
Requests: 6 HTTP requests in this frame

Frame: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 652285F4BB28122F73391F86E3762A3B
Requests: 27 HTTP requests in this frame

Frame: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D79BDA783CFE1B820A166A8929B81CEC
Requests: 37 HTTP requests in this frame

Frame: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8DB7F711031F48575D695009899694E1
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQu8O83QIYlsX8uQEwAQ&v=APEucNUe8ly14wBTIZ6RpsK7EAyHEn8n2GTnuLZWYnqlfN-sBmPQdBpUxvWQZofxTCJfGZYdcfr0kKX4aaYsOA6v9l3Jg2tBlj9_KrcYZRsHpULbmddwdLvIiwNS4IyG0vU1yiLrSTmxRAjXvNoZ1Dbaz-rsaRAy5v67vE7B-MGlNdaVfI5SRS6PS3gdPSrvAj9HEV2VSAt86KSj47Du7RkwMjBzHTdh6Q
Frame ID: B192155C28EA866B14EF69CE38C0FCA9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQu8O83QIY5qz8uQEwAQ&v=APEucNXC5kyuFP_lPiyEyfkGexaCu9p3_DDBSMjqfyw6x6-E0dX37nLSx0hb4DQJgRHW6XB8ba1gyOh91Ttj5_dCTVz-FWb6nHVaVc_xMDLRKHG1T-31S9glzSAV3NYwdI7gh9zWc2YyE9rKFHxD-J2hvD0kuGrYP8opgFyjEpgn_nvyDKOsJgh0YbT5b3JA0U7cHyBv214JYnbge6PKr3lXZKy8rltQCQ
Frame ID: F2A8D84B864EDA605457D4E263736CA8
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/8247229/1636534337098/index.html
Frame ID: 15883E1EEDB12065C71ACCDE23F0A76B
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/8247229/1635940847221/index.html
Frame ID: B0B1436111EDBAC8FB87037DDD2FD056
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: B3E6C11BA22E4A32EDE8F82E04CEC204
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 2DDF629DFCFF64049DF99D111C2EACE9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EB47E9214C9205C0ED29D1B4DBEC388B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FF8D752B3873DB673564223205C67F6E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5E131310511601F9CB6C75545987C816
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FECD4033C055EC05C82BB3F208D5B8EA
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DB7A4FAEA540DE9A712CC389ECFEA70E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4143FF08928AB14306CCB83680907110
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 0FDB925323C96D67D9C11874EFA197CA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EF2668CF7ACCF122D466D6688F775119
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Frame ID: BA42BA95B953F85F0A6397D9312D63D6
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 31022732236DA16111B99447E4297742
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUP91F1X&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 3BDA8F7BB7946780954E0E6EAD95D45F
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?gdpr_consent=&informer=8162798
Frame ID: 045004633C6FFF9EB3A1C32646FA0F1E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158492&gdpr=1&gdpr_consent=
Frame ID: 81FCB02E46CC869E3750890F710C8352
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Kanye to The

Page URL History Show full URLs

  1. http://kanyetothe.com/ HTTP 301
    https://kanyetothe.com/ HTTP 301
    https://www.kanyetothe.com/ Page URL

Page Statistics

337
Requests

90 %
HTTPS

35 %
IPv6

52
Domains

83
Subdomains

64
IPs

9
Countries

4237 kB
Transfer

9970 kB
Size

47
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kanyetothe.com/ HTTP 301
    https://kanyetothe.com/ HTTP 301
    https://www.kanyetothe.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036030&ns__t=1637307906563&ns_c=UTF-8&c8=Kanye%20to%20The&c7=https%3A%2F%2Fwww.kanyetothe.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036030&ns__t=1637307906563&ns_c=UTF-8&c8=Kanye%20to%20The&c7=https%3A%2F%2Fwww.kanyetothe.com%2F&c9=
Request Chain 119
  • https://sb.scorecardresearch.com/c2/6036030/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 197
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4IfBbkWza2v9-gSf7CnP0&google_cver=1
Request Chain 198
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZdWBMrEyBjh8kfibjN54gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4IfBbkWza2v9-gSf7CnP0&google_cver=1
Request Chain 199
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELXVl1c_JmDit-CU_XP9gPg&google_cver=1
Request Chain 200
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcyODk3OTQzODU3NTE4ODY0OA%3D%3D
Request Chain 201
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4IfBbkWza2v9-gSf7CnP0&google_cver=1
Request Chain 202
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZdWBMrEyBjh8kfibjN54gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4IfBbkWza2v9-gSf7CnP0&google_cver=1
Request Chain 203
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELXVl1c_JmDit-CU_XP9gPg&google_cver=1
Request Chain 204
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4NDA1MjMyODk0NjA0NDE5OQ%3D%3D
Request Chain 221
  • https://fw.adsafeprotected.com/rfw/st/854720/58245029/4.js?adContainerId=brand_safety_BFaXYeCwMODC7_UP7qycyAQ&cbFunctionName=goog_wrapCb_BFaXYeCwMODC7_UP7qycyAQ&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.kanyetothe.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:f314f16a-ec70-a3b4-c458-99c580feb9ef,c:uoGlo9,sl:outOfView,em:true,fr:false,thd:1,mn:app10ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:4,fm:sPc57WH+11%7C12%7C13%7C14%7C15%7C161%7C162%7C17%7C18*.854720-58245029%7C181%7C182,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:19,oid:9e811ecd-490c-11ec-85f5-0634eb268b40,v:19.8.267,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_BFaXYeCwMODC7_UP7qycyAQ&cbFunctionName=goog_wrapCb_BFaXYeCwMODC7_UP7qycyAQ&true_pb=
Request Chain 225
  • https://fw.adsafeprotected.com/rfw/st/854720/58245028/4.js?adContainerId=brand_safety_BFaXYdWkMPWU9u8PtJyi8AQ&cbFunctionName=goog_wrapCb_BFaXYdWkMPWU9u8PtJyi8AQ&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.kanyetothe.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:b53b5bfd-8554-900b-47cf-d7bea899c77c,c:uoGloS,sl:outOfView,em:true,fr:false,thd:1,mn:app09ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:4,fm:sPc57Xr+11%7C12%7C13%7C14%7C15%7C16*.854720-58245028%7C161%7C162%7C17%7C181%7C182%7C183,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:18,oid:9e81baeb-490c-11ec-9bde-0ae761671616,v:19.8.267,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_BFaXYdWkMPWU9u8PtJyi8AQ&cbFunctionName=goog_wrapCb_BFaXYdWkMPWU9u8PtJyi8AQ&true_pb=
Request Chain 249
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPeaZb6VH4z0EQbMdB_SGnk&google_cver=1&google_push=AYg5qPKwMm519radRikVkeIhtcP1NAolGd_gX-ttneCnXcK7eyvABTObKrZbUwm9zHQk76GV-6ZR-g0VlA_fVe_HHpuu2h_r83u8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKwMm519radRikVkeIhtcP1NAolGd_gX-ttneCnXcK7eyvABTObKrZbUwm9zHQk76GV-6ZR-g0VlA_fVe_HHpuu2h_r83u8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPeaZb6VH4z0EQbMdB_SGnk&google_cver=1&google_push=AYg5qPKwMm519radRikVkeIhtcP1NAolGd_gX-ttneCnXcK7eyvABTObKrZbUwm9zHQk76GV-6ZR-g0VlA_fVe_HHpuu2h_r83u8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKwMm519radRikVkeIhtcP1NAolGd_gX-ttneCnXcK7eyvABTObKrZbUwm9zHQk76GV-6ZR-g0VlA_fVe_HHpuu2h_r83u8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 250
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEOzaQEQFGV3Q9bqry_vc58&google_cver=1&google_push=AYg5qPIFUFwGMsxMNhOClH_IglCxAdDSwJY5xarttTwtXEf5Z9rlbzp87AIGiOyJHe6ZoMvBRe0P1IuJJf1Zo8wL3yJ87HAnTrQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIFUFwGMsxMNhOClH_IglCxAdDSwJY5xarttTwtXEf5Z9rlbzp87AIGiOyJHe6ZoMvBRe0P1IuJJf1Zo8wL3yJ87HAnTrQ&google_hm=t9Qp3BctSwe93YdxJBpCB7k
Request Chain 251
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECjIu_KvZ5-WHIT-_UnULGo&google_cver=1&google_push=AYg5qPKmJGqx8Fzl0keymbBpij74H88Iz2K4dsCb2gRo8QwyLM3h1LKjGeJaw0Ktgd7bvYhIrIwswzgRBhRcbWhCb6oOTNYX9YZ_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMjE4MzkyMjY0MjUxNjEwOQ%3D%3D&google_push=AYg5qPKmJGqx8Fzl0keymbBpij74H88Iz2K4dsCb2gRo8QwyLM3h1LKjGeJaw0Ktgd7bvYhIrIwswzgRBhRcbWhCb6oOTNYX9YZ_
Request Chain 252
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGL3jrO1X0Lpkwp4iUBqz2M&google_cver=1&google_push=AYg5qPKeHcUZwfAV_q9Ij5vOdU3QBuZ3VV_zA9P3_ai2-wflthHxH5f8pu3T7GIg7GvDnNLYcYEPN8voAXBKtnEiZb30d6gATmJv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKeHcUZwfAV_q9Ij5vOdU3QBuZ3VV_zA9P3_ai2-wflthHxH5f8pu3T7GIg7GvDnNLYcYEPN8voAXBKtnEiZb30d6gATmJv&google_hm=MzM1NDc3Mjg0OTkzNDY3MTc3Mg%3D%3D
Request Chain 253
  • https://rtb.openx.net/sync/dds?google_gid=CAESEORkmrOgc-0bgSXfbNhtSvA&google_cver=1&google_push=AYg5qPKfsD6qSHWj4AcCbst1za8FyHzE_k0lkvQcuVcrgBS_YmngyRZqsPNJb9hfRN5mKtzmcucea8QAy6ujygu0CmjlLNk_mfE HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEORkmrOgc-0bgSXfbNhtSvA&google_cver=1&google_push=AYg5qPKfsD6qSHWj4AcCbst1za8FyHzE_k0lkvQcuVcrgBS_YmngyRZqsPNJb9hfRN5mKtzmcucea8QAy6ujygu0CmjlLNk_mfE&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKfsD6qSHWj4AcCbst1za8FyHzE_k0lkvQcuVcrgBS_YmngyRZqsPNJb9hfRN5mKtzmcucea8QAy6ujygu0CmjlLNk_mfE&google_hm=P1hwvPX9wHAK_3bGlHPMGA==
Request Chain 255
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELjggA9tAG7cfJUqAOyzcs0&google_cver=1&google_push=AYg5qPL1JQZNQVa0VdhustS3-OBmUAn7_2od9ai9fUkdlGq1ntY-hOMJvzIjlJnhDEEnpXHxkCnfwrU4bw9Wkc2iZzBoqUKtFJA HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELjggA9tAG7cfJUqAOyzcs0&google_cver=1&google_push=AYg5qPL1JQZNQVa0VdhustS3-OBmUAn7_2od9ai9fUkdlGq1ntY-hOMJvzIjlJnhDEEnpXHxkCnfwrU4bw9Wkc2iZzBoqUKtFJA&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL1JQZNQVa0VdhustS3-OBmUAn7_2od9ai9fUkdlGq1ntY-hOMJvzIjlJnhDEEnpXHxkCnfwrU4bw9Wkc2iZzBoqUKtFJA&google_hm=04b35164e58183240d250ae9
Request Chain 257
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 260
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGFec7F1uoz_N8X6ma5EOls&google_cver=1&google_push=AYg5qPL5kqAouh4mZgBVe5gXZA-uNd0M_Pv2ue-BWHfGq3HJmXHUOcd2nCJNKtjMnJNGY79etaNhldVRUXjBNKWvwjw_5H7uybPI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL5kqAouh4mZgBVe5gXZA-uNd0M_Pv2ue-BWHfGq3HJmXHUOcd2nCJNKtjMnJNGY79etaNhldVRUXjBNKWvwjw_5H7uybPI
Request Chain 261
  • https://um.simpli.fi/gp_match?google_gid=CAESENkQ6bQofFELFoKHAFthqGw&google_cver=1&google_push=AYg5qPKQdczKdtp5k04OGYezYM6nyWG8zN0FOuRcIthuIVc-8vG0GWEFNuIsuwk2xYn32YyToSP7k0r178XVskj418CPGVoOdY4O HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7F6721DAC22A43E694B71FBC2E8AA916&google_push=AYg5qPKQdczKdtp5k04OGYezYM6nyWG8zN0FOuRcIthuIVc-8vG0GWEFNuIsuwk2xYn32YyToSP7k0r178XVskj418CPGVoOdY4O
Request Chain 263
  • https://a.c.appier.net/gcm?google_gid=CAESEHiL1ogZyqGlIxt2fS0v5JU&google_cver=1&google_push=AYg5qPKgbjSzRfHZYEBvm_P1RJO0D9gVa7-R_chDxH5dMHm57FM54-TzX-6oSwJ2TJd3AadxDoMOWJJehuAOiZc8hZgHXUlaCxQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=aV9lQzRlOUZDeHFUdEpROEJsYVhZUQ%3D%3D&google_push=AYg5qPKgbjSzRfHZYEBvm_P1RJO0D9gVa7-R_chDxH5dMHm57FM54-TzX-6oSwJ2TJd3AadxDoMOWJJehuAOiZc8hZgHXUlaCxQ
Request Chain 266
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJDCe0b5xGrAgISGlTXol60&google_cver=1&google_push=AYg5qPI0WPaT6kT7ubtqnuIjPBRaWQdS_5u3XLgVHEsKlfWMv270aXkAZIchc27zoYc6E6TnckBh5lC-dLKZmgVqyQPC36m55SMn HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPI0WPaT6kT7ubtqnuIjPBRaWQdS_5u3XLgVHEsKlfWMv270aXkAZIchc27zoYc6E6TnckBh5lC-dLKZmgVqyQPC36m55SMn&google_gid=CAESEJDCe0b5xGrAgISGlTXol60 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyOTQ0NzkwODgxNTI4MDQ3NzQ%3D&google_push=AYg5qPI0WPaT6kT7ubtqnuIjPBRaWQdS_5u3XLgVHEsKlfWMv270aXkAZIchc27zoYc6E6TnckBh5lC-dLKZmgVqyQPC36m55SMn
Request Chain 268
  • https://gcdn.2mdn.net/videoplayback/id/f1e18c610c3aa301/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772527038/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/886AE09FC412771B27792FD9A6BD011362C4999A.9AA8D8BE4D57549EFC25588BAC7DFCD5849FC2BE/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-4g5lznez.c.2mdn.net/videoplayback/id/f1e18c610c3aa301/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772527038/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/720082D023F6DF0887ADC9FAEF82362FA23C7E13.8492747A33868AC5176326D5942A39287C79F121/key/cms1/cms_redirect/yes/mh/8s/mip/2001:ac8:20:90:13c::1/mm/42/mn/sn-4g5lznez/ms/onc/mt/1637307644/mv/m/mvi/3/pl/49/file/file.mp4
Request Chain 283
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEOzaQEQFGV3Q9bqry_vc58&google_cver=1&google_push=AYg5qPLXmycJmofjIkmwccwrzlqvO6XVJxTf9HlUfwZ9zumQaB0XzCpH7I4EmkO2l6lsf8RQZygwM9Q-ykuV64QbOUO2eaoodpnB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLXmycJmofjIkmwccwrzlqvO6XVJxTf9HlUfwZ9zumQaB0XzCpH7I4EmkO2l6lsf8RQZygwM9Q-ykuV64QbOUO2eaoodpnB&google_hm=t9Qp3BctSwe93YdxJBpCB7k
Request Chain 284
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEO87WDGCqNWtq2IF_aD44wA&google_cver=1&google_push=AYg5qPL7LffR4YZfaUFkAavx2QVGpmAV0_fg6Ql_V8AJLlbx7hX0i7DWfbGfZH92DjBDJJLICKCXmv9pKaci5_JZY37vw_PQFTOm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPL7LffR4YZfaUFkAavx2QVGpmAV0_fg6Ql_V8AJLlbx7hX0i7DWfbGfZH92DjBDJJLICKCXmv9pKaci5_JZY37vw_PQFTOm&google_hm=QXowaTd1dnR1TVU3LWhucnppX0o3amc=
Request Chain 285
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFddBrbOxb8ON55z7V3RgiU&google_cver=1&google_push=AYg5qPIZ9fp1Wj93Y3ubsr4ifxhOVhVBHDI-z0ZhOSNokHe86ftcpQ18vNq-t_nQvNpSJQsMduYgh1ghLPmhRK2jJiS0ejDsNnI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1c2MlVRU0MtMTAtSTk2Qg==&google_push=AYg5qPIZ9fp1Wj93Y3ubsr4ifxhOVhVBHDI-z0ZhOSNokHe86ftcpQ18vNq-t_nQvNpSJQsMduYgh1ghLPmhRK2jJiS0ejDsNnI
Request Chain 286
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEuFq-B8Fd0zxEPZTbRHo4w&google_cver=1&google_push=AYg5qPLgRSm3ywRefmNFNX0QXm2MnHfgqF0DBCmjCw4_VT3G8WG3uR2Q-WXPQlJ2rcquzMToZYxfAcPI4RZVpqXpuSrcuaFuctVo HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-97d62b28-8c76-4c40-8100-f1b2c3a7167b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLgRSm3ywRefmNFNX0QXm2MnHfgqF0DBCmjCw4_VT3G8WG3uR2Q-WXPQlJ2rcquzMToZYxfAcPI4RZVpqXpuSrcuaFuctVo%26google_hm%3DA5fWKyiMdkxAgQDxssOnFns HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLgRSm3ywRefmNFNX0QXm2MnHfgqF0DBCmjCw4_VT3G8WG3uR2Q-WXPQlJ2rcquzMToZYxfAcPI4RZVpqXpuSrcuaFuctVo&google_hm=A5fWKyiMdkxAgQDxssOnFns
Request Chain 309
  • https://as.ad4m.at/ad/tai?a=162158&b=1&c=3&d=1&e=775&f=&g=dbmvidnat_Pros_Samsung_A52&gdpr=&gdpr_consent=&gdpr_pd= HTTP 307
  • https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=viewoneid3P4tpf4fmGErt7HqtXHEt994aPSztZfdoneid__dbmvidnat_Pros_Samsung_A52&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=viewoneid3P4tpf4fmGErt7HqtXHEt994aPSztZfdoneid__dbmvidnat_Pros_Samsung_A52&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2021111908451058891470629X117667V1225131106MSviewoneid3P4tpf4fmGErt7HqtXHEt994aPSztZfdoneid__dbmvidnat_Pros_Samsung_A52 HTTP 302
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117667_-HTLP&utm_term=AFF_la_117667_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021111908451058891470629X117667V1225131106MSviewoneid3P4tpf4fmGErt7HqtXHEt994aPSztZfdoneid__dbmvidnat_Pros_Samsung_A52&wfid=117667
Request Chain 326
  • https://token.rubiconproject.com/token?pid=26594&gdpr=1 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KW62UQSC-10-I96B&sigv=1&esig=2~44e22c7b457df6a55507c2077680d3868dc0da93&gdpr=1
Request Chain 328
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/jlfp5JGPG1Bhnlz8mqZmzsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3354772849934671772
Request Chain 329
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEJYGvpvb528hIW-kWCA-x4Y&google_cver=1
Request Chain 331
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWFlYzczZWFmMjRiMWJlYzc1MDgyYzQ5M2M3OGQyMDQ5ODg1Y2FlOQ&gdpr=1
Request Chain 332
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1c2MlVRU0MtMTAtSTk2Qg==&gdpr=1
Request Chain 333
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5dfd6197-5605-4700-b8b2-bcadb2fafa8d&expires=28

337 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.kanyetothe.com/
Redirect Chain
  • http://kanyetothe.com/
  • https://kanyetothe.com/
  • https://www.kanyetothe.com/
50 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eda8c9bbf6ebce02fc7d0cb8573ff21a050dbb94fb4e39ec685596e834d5621
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
last-modified
Fri, 19 Nov 2021 07:45:05 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
private, no-cache, max-age=0
vary
Accept-Encoding
x-cluster-node
xenforo-f077e16b-765d7696cb-8c7xg
x-ua-compatible
IE=Edge,chrome=1
content-security-policy
upgrade-insecure-requests
x-envoy-upstream-service-time
188
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b07d12befcbedbb-CDG
content-encoding
br

Redirect headers

date
Fri, 19 Nov 2021 07:45:05 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
last-modified
Fri, 19 Nov 2021 07:45:05 GMT
location
https://www.kanyetothe.com/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
private, no-cache, max-age=0
x-cluster-node
xenforo-f077e16b-765d7696cb-qz2d7
x-ua-compatible
IE=Edge,chrome=1
content-security-policy
upgrade-insecure-requests
x-envoy-upstream-service-time
45
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b07d12a5dc6edbb-CDG
flag-icon.min.css
www.kanyetothe.com/styles/default/flag-icon-css/css/ 		33 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/styles/default/flag-icon-css/css/flag-icon.min.css
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3645cc7cf729a22877ff158372b25c017efca47a5fc31921363d1b01ff00313b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
7602315
x-envoy-upstream-service-time
3
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-7f86610d-66fbcb6ff8-sl4zn
last-modified
Thu, 19 Aug 2021 16:12:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e1a3aedbb-CDG
expires
Tue, 23 Aug 2022 07:59:51 GMT
lux.js
cdn.speedcurve.com/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=121631494
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
aaf1611cfd23cc84e79ed595ed25ae334148a348a618cdc4c0caaeef225a389c

Request headers

Referer
https://www.kanyetothe.com/
Origin
https://www.kanyetothe.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 vegur, 1.1 varnish
age
1168
x-cache
HIT
x-cache-hits
19
content-encoding
gzip
content-length
6244
x-served-by
cache-hhn4078-HHN
last-modified
Fri, 19 Nov 2021 07:25:38 GMT
server
Apache
x-timer
S1637307906.284099,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Nov 2021 07:25:38 GMT
lazysizes.min.js
www.kanyetothe.com/js/vendor/lazysizes/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/vendor/lazysizes/lazysizes.min.js?_v=5eaf8cf0
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4569b815ae030a8ab83a429543cb41cdb4151f55ca4f9bb38eafa1d06c407e6c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
200772
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-cqwb2
last-modified
Thu, 11 Nov 2021 19:15:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ebb39edbb-CDG
expires
Wed, 16 Nov 2022 23:58:54 GMT
cmp-reader.js
www.kanyetothe.com/js/california/src/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/src/cmp-reader.js?_v=5eaf8cf0
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e88560bf08e11120d7c003044d4bea8eb151f2789a101693aac8241acc0b80ef
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=3864
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-zxwlz
last-modified
Thu, 11 Nov 2021 19:15:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ebb3aedbb-CDG
cf-bgj
minify
fa-regular-400-subset.v12.woff2
www.kanyetothe.com/styles/fonts/fa/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/styles/fonts/fa/fa-regular-400-subset.v12.woff2
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b18c42ffdcad46b3a629de1d3180e62059d0a448b9cff921f3b7ae51f36f4efb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.kanyetothe.com/
Origin
https://www.kanyetothe.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
276703
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
25312
x-cluster-node
xenforo-3d5746c5-db9dfc-m6khc
x-ua-compatible
IE=Edge,chrome=1
last-modified
Mon, 08 Nov 2021 16:59:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-font-woff
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d12e1a3cedbb-CDG
expires
Wed, 16 Nov 2022 02:53:23 GMT
fa-solid-900-subset.v12.woff2
www.kanyetothe.com/styles/fonts/fa/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/styles/fonts/fa/fa-solid-900-subset.v12.woff2
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2de7d20fa6e3e31cb063e278d7e5505b7ca77f75c985e5da59c939ca61bf740a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.kanyetothe.com/
Origin
https://www.kanyetothe.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
278730
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21116
x-cluster-node
xenforo-3d5746c5-db9dfc-zhnnb
x-ua-compatible
IE=Edge,chrome=1
last-modified
Mon, 08 Nov 2021 16:59:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-font-woff
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d12e2a3fedbb-CDG
expires
Wed, 16 Nov 2022 02:19:36 GMT
fa-brands-400-subset.v12.woff2
www.kanyetothe.com/styles/fonts/fa/ 		6 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/styles/fonts/fa/fa-brands-400-subset.v12.woff2
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
299486b774aba5f7d2d4d1044f6c531a92d4d97f0c1e5c5c8088a6957095efcd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.kanyetothe.com/
Origin
https://www.kanyetothe.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
278729
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6540
x-cluster-node
xenforo-3d5746c5-db9dfc-m6khc
x-ua-compatible
IE=Edge,chrome=1
last-modified
Mon, 08 Nov 2021 16:59:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-font-woff
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d12e2a41edbb-CDG
expires
Wed, 16 Nov 2022 02:19:36 GMT
css.php
www.kanyetothe.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Anormalize.css&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6b615f9673ad5acda73617d617511c3f573dc0d655dc9c488f44bacd594b4ce
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=2134
x-envoy-upstream-service-time
17
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-zxwlz
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e2a42edbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ 		278 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Acore.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e99b7314d99489492e01db55e20377f857f7979c970ba8ae5651ea86e173f1b8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=285457
x-envoy-upstream-service-time
25
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-bsmjc
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e2a44edbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Aapp.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2a5ee861141788f09d0bc2bae50da4e95b50cb1f254fe35389fa27402ce8dc3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=28386
x-envoy-upstream-service-time
16
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-tj6tn
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e2a46edbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ 		443 B
363 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Aavatar.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
836e1e1130b7445ddde61362d198c0954f0ef98638d326bf70057070c8700427
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
227084
cf-polished
origSize=488
x-envoy-upstream-service-time
211
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-fhtgj
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 16:40:22 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e2a47edbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Acalifornia_featured_threads.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fd5f470f52f8cebc05a2c7158bcbff9ef2c334b657c45767b65ed2bbbf572f5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
227084
cf-polished
origSize=4397
x-envoy-upstream-service-time
224
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-vjj8x
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 16:40:22 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e2a48edbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ 		2 KB
736 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Acalifornia_gallery.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b96dc95f363ef34b8ed6582fa46d48b08a0d06df5477888a23f09eb9e8fa4758
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=1724
x-envoy-upstream-service-time
16
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-cqwb2
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e2a4cedbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Acalifornia_home.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
646776e6c890ee749bac904692fc50613d2982c18339947f10a74fdad4a6cf3b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
227084
cf-polished
origSize=4766
x-envoy-upstream-service-time
19
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-7lpds
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 16:40:22 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e2a51edbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Acalifornia_login.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79559d79fddfa4b696eb08f50b078dd3bb9885165167ec36b9981a6aa30590cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=4727
x-envoy-upstream-service-time
15
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-zxwlz
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e2a52edbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ 		2 KB
647 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Acalifornia_popular_communities.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e718052c8754c80a0167f55bd3ff84a9dd4aaf363d23b1f17a7218f003bf2409
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=1709
x-envoy-upstream-service-time
144
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-4g57l
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e2a54edbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Acalifornia_sidebar.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdfc1e62eabcbf9c50eacdbc4e5ba39150e7bce34d342071651234ef46a354ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=4657
x-envoy-upstream-service-time
16
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-tj6tn
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e2a55edbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ 		2 KB
652 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Acalifornia_value_to_follow.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1efcf21f2fbc4427dd639b8f0b4521c69e68ac8429bd30a0af30f75f3ffbfa87
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=2580
x-envoy-upstream-service-time
18
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-vb9tw
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e2a56edbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ 		2 KB
857 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Adesktop_adhesion_ad.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43af4bed3fa8296d93aa04a12962cb67e953165ca2ea93ecc73586b6f8c7c031
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=2063
x-envoy-upstream-service-time
17
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-64g8b
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e2a58edbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ 		1 KB
598 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Afeed.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41935792dc6ffe9c2016f7474829401259b79dc2f991aebe3cd8de6139187ef9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
227084
cf-polished
origSize=1467
x-envoy-upstream-service-time
220
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-ksrdk
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 16:40:22 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e2a5aedbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Afeed_item.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbd33c611aaa5267e5eb547ab99565df43a4f04fe1ca131d2806af47509008bb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
227084
cf-polished
origSize=6007
x-envoy-upstream-service-time
229
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-wpb5w
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 16:40:22 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e2a5bedbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ 		78 B
178 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Ahomepage_styles.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83c1eb6ad10c18c6c9425c21fe96d1d9eb7bd860b13b081129f4500626276b6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
227084
cf-polished
origSize=129
x-envoy-upstream-service-time
204
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-blqxx
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 16:40:22 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e2a5eedbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ 		1 KB
452 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Ahomepage_thumbnail.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df2222410eed9b89846d18efa74cf3f6faacca942e7210d1b034af823470a9a1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
130117
cf-polished
origSize=1365
x-envoy-upstream-service-time
233
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-4hdl5
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Thu, 17 Nov 2022 19:36:29 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e2a5fedbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ 		836 B
446 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Aloader.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c28ba7c70ba4129e5fd4ce1030b71b923765c283b358e3647ba56968d09b7bd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
130117
cf-polished
origSize=882
x-envoy-upstream-service-time
280
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-k4kbx
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Thu, 17 Nov 2022 19:36:29 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e2a62edbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Anode_list.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
305f2d7bbc029e70b3576e0b671c815a4c36b5e2eb56c3a95b3f2a89308213b6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
227084
cf-polished
origSize=9419
x-envoy-upstream-service-time
240
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-nqfwn
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 16:40:22 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e2a63edbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ 		522 B
317 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Asidebar_widget.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
368b2fe237b67caf364385af66e048a1784cb07fa6e5612bd926d4e3321e1c94
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
227084
cf-polished
origSize=572
x-envoy-upstream-service-time
199
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-8mqqj
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 16:40:22 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e2a64edbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ 		2 KB
818 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Awelcome_back.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eac1e53dabcb67b550350dbf0717ddcdea2c38295e5093e427f4e9842c02cc1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=2594
x-envoy-upstream-service-time
16
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-qmrhh
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e2a66edbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ 		54 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Aextra.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65ac0a146b18624b9856c1fa22d640007b4a456c2f7e87adfe143b1cf9fc9f37
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=56359
x-envoy-upstream-service-time
17
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-vb9tw
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e2a67edbb-CDG
cf-bgj
minify
preamble.min.js
www.kanyetothe.com/js/california/static/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/static/preamble.min.js?_v=5eaf8cf0
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe25a0c734bc5c9599b8bcd62c1018a66d8699678d0f7858f1fbb2b01bec082
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-nqfwn
last-modified
Thu, 11 Nov 2021 19:15:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e2a69edbb-CDG
expires
Wed, 16 Nov 2022 15:39:42 GMT
vs.kanyetothe.com.js
tags-cdn.deployads.com/a/ 		487 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags-cdn.deployads.com/a/vs.kanyetothe.com.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
awselb/2.0 /
Resource Hash
c54fdc273be1316f32fdf1e251e1b1b07931f667318ad3c8eeb562c352c7a148

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
public
Date
Fri, 19 Nov 2021 07:45:06 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Nov 2021 07:45:06 GMT
Server
awselb/2.0
X-Amz-Cf-Pop
FRA50-C1
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
Content-Type
text/javascript; charset=utf-8
Via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
Cache-Control
max-age=1800,public
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
YyXA52be3CYgvfafUUgepBbiekbQYfTl10MxqI_WhOki0RIGAM500w==
Expires
Fri, 19 Nov 2021 08:15:06 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
d7bb934e518c87d758dd90505d1ed7c16de4f044fcd666156cde2050c10802c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1048 / 432 of 1000 / last-modified: 1637276723"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26822
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 19 Nov 2021 07:45:06 GMT
kanyetothe_com_banner_2880w.jpg
images.platforum.cloud/banners/ 		126 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.platforum.cloud/banners/kanyetothe_com_banner_2880w.jpg?1
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79aa0b133cf46cc364d4d17cce45c5fd79d7dce0fa7cb69ae52b58f60a421911

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
cf-cache-status
HIT
age
4401153
cf-polished
qual=85, origFmt=jpeg, origSize=250224
x-guploader-uploadid
ADPycduHySsJ1pxJcXHv1P5FBs-5otHfIEtCGvCMB08Uxsw2Ncdv63X5PM6SegaeIv5w0ZumRU2gGBsnkJbvhpxNiK00dQ-fpA
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="kanyetothe_com_banner_2880w.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
129226
last-modified
Tue, 20 Oct 2020 19:15:13 GMT
server
cloudflare
etag
"2852fdb0c9404979c39bfbbb25cc3944"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=4vmufw==, md5=KFL9sMlASXnDm/u7Jcw5RA==
x-goog-generation
1603221313376475
content-type
image/webp
expires
Sat, 19 Nov 2022 07:45:06 GMT
cache-control
public, max-age=31536000
x-goog-stored-content-length
250224
accept-ranges
bytes
cf-ray
6b07d12f3fbf374d-MXP
cf-bgj
imgq:85,h2pri
kanyetothe_com.svg
images.platforum.cloud/logos/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.platforum.cloud/logos/kanyetothe_com.svg?1
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a1a71ffdf9d60b92e096017fd407d193e2cd62f7711e7c064d8e228419fd11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
content-encoding
gzip
cf-cache-status
HIT
age
16334198
x-guploader-uploadid
ABg5-UyydqoUdIdMDDroSf-4uEiLo-iToGGU_rVXQMRcD7CfPIg-MzKtmkPT5K4biAvnjUOm6vBJVSMLDeurrOuQYDeOWVv4TA
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 20 Oct 2020 13:30:47 GMT
server
cloudflare
etag
W/"1b7bf22a95c70989fbb1f29de643a579"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=i2b25A==, md5=G3vyKpXHCYn7sfKd5kOleQ==
x-goog-generation
1603200647225245
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-goog-stored-content-length
2773
cf-ray
6b07d12f3fc1374d-MXP
expires
Sat, 19 Nov 2022 07:45:06 GMT
1606025.jpg
www.kanyetothe.com/d3/avatars/s/1606/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/d3/avatars/s/1606/1606025.jpg?1634007386
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029bc9bf7ebbdfad227b8befebb0958bbbbd746ddbaf607ae90193b95712945f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
260664
cf-polished
origSize=1581, status=vary_header_present
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1265
x-cluster-node
xenforo-3d5746c5-db9dfc-wlc8s
last-modified
Tue, 12 Oct 2021 02:56:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Host, Accept-Encoding
content-type
image/jpeg
expires
Wed, 16 Nov 2022 07:20:42 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d12ecb43edbb-CDG
cf-bgj
imgq:100,h2pri
1740409.jpg
www.kanyetothe.com/d3/avatars/s/1740/ 		284 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/d3/avatars/s/1740/1740409.jpg?1637041202
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
753a1f7f77ef476dc665babe49110057d2c91edd57b7153c0a1ee4ae80e48477
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
260664
cf-polished
origSize=425, status=vary_header_present
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
284
x-cluster-node
xenforo-3d5746c5-db9dfc-wlc8s
last-modified
Tue, 16 Nov 2021 05:40:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Host, Accept-Encoding
content-type
image/jpeg
expires
Wed, 16 Nov 2022 07:20:42 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d12ecb44edbb-CDG
cf-bgj
imgq:100,h2pri
1738666.jpg
www.kanyetothe.com/d3/avatars/s/1738/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/d3/avatars/s/1738/1738666.jpg?1627687427
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a964302d506752bddfd215bf00300674bf0ae84a83ff4e8da5ce22f67206078
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
640329
cf-polished
origSize=1741, status=vary_header_present
x-envoy-upstream-service-time
5
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1399
x-cluster-node
xenforo-3d5746c5-db9dfc-2dlcz
last-modified
Fri, 30 Jul 2021 23:23:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Host, Accept-Encoding
content-type
image/jpeg
expires
Fri, 11 Nov 2022 21:52:57 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d12ecb47edbb-CDG
cf-bgj
imgq:100,h2pri
1740221.jpg
www.kanyetothe.com/d3/avatars/s/1740/ 		686 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/d3/avatars/s/1740/1740221.jpg?1636457239
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
500656056a5b7cc10977756a3267000aca5bd02c33e1cdc98723be35a8aeb016
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
183715
cf-polished
origSize=986, status=vary_header_present
x-envoy-upstream-service-time
4
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
686
x-cluster-node
xenforo-f077e16b-765d7696cb-gfhmz
last-modified
Tue, 09 Nov 2021 11:27:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Host, Accept-Encoding
content-type
image/jpeg
expires
Thu, 17 Nov 2022 04:43:11 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d12ecb48edbb-CDG
cf-bgj
imgq:100,h2pri
1722063.jpg
www.kanyetothe.com/d3/avatars/s/1722/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/d3/avatars/s/1722/1722063.jpg?1634327726
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3448be10d7cc7a88d7d4bd5f2ab54af047a6230d0854215fec1e9bcdb162b841
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
2977558
cf-polished
origSize=3424, status=vary_header_present
x-envoy-upstream-service-time
4
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2076
x-cluster-node
xenforo-3bddc9ff-59475ff845-4rz7q
last-modified
Fri, 15 Oct 2021 19:55:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Host, Accept-Encoding
content-type
image/jpeg
expires
Sat, 15 Oct 2022 20:39:08 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d12ecb49edbb-CDG
cf-bgj
imgq:100,h2pri
1739926.jpg
www.kanyetothe.com/d3/avatars/s/1739/ 		916 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/d3/avatars/s/1739/1739926.jpg?1635431459
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6faf50f0b959b83261d07aab9ada816c58a05177dd2f4c49fec41c6cdae8d41e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
1814957
cf-polished
origSize=1241, status=vary_header_present
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
916
x-cluster-node
xenforo-777a37c5-564c7b4c94-6mrgh
last-modified
Thu, 28 Oct 2021 14:31:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Host, Accept-Encoding
content-type
image/jpeg
expires
Sat, 29 Oct 2022 07:35:49 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d12ecb4bedbb-CDG
cf-bgj
imgq:100,h2pri
1738633.jpg
www.kanyetothe.com/d3/avatars/s/1738/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/d3/avatars/s/1738/1738633.jpg?1627439463
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d64797d31b789d1736c66c6241c30f721ffaa325b0e1af5d29574aad0f9a8906
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
110631
cf-polished
origSize=1820, status=vary_header_present
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1548
x-cluster-node
xenforo-f077e16b-765d7696cb-s4m2g
last-modified
Wed, 28 Jul 2021 02:31:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Host, Accept-Encoding
content-type
image/jpeg
expires
Fri, 18 Nov 2022 01:01:15 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d12ecb4dedbb-CDG
cf-bgj
imgq:100,h2pri
avsforum_com_profile.png
images.platforum.cloud/logos/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.platforum.cloud/logos/avsforum_com_profile.png
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16079a699fcf0f31bf787151c6b453508a47192bb5631f1d666b63b3628dd8a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
cf-cache-status
HIT
age
207156
cf-polished
origFmt=png, origSize=9437
x-guploader-uploadid
ADPycdtYjn8DJvJTTDvTvgG-Z1xf2g6i5JfGnsRRcCBnCHICAFkb-hzz9dLFKT7-SYMPddQc8xlhieBS7gp_wml-kZk
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="avsforum_com_profile.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4032
last-modified
Thu, 09 Jul 2020 20:03:39 GMT
server
cloudflare
etag
"b33e06ad1c4f6d76737e0bff52086c9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=ikocCA==, md5=sz4GrRxPbXZzfgv/Ughsmw==
x-goog-generation
1594325019016852
content-type
image/webp
expires
Sat, 19 Nov 2022 07:45:06 GMT
cache-control
public, max-age=31536000
x-goog-stored-content-length
9437
accept-ranges
bytes
cf-ray
6b07d12f3fc3374d-MXP
cf-bgj
imgq:85,h2pri
vwvortex_com_profile.png
images.platforum.cloud/logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.platforum.cloud/logos/vwvortex_com_profile.png
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c76474a292efe51a34699fdca25642c92a4b62c53bcee2297c479e190747e937

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
cf-cache-status
HIT
age
132312
cf-polished
origFmt=png, origSize=5211
x-guploader-uploadid
ADPycduMHYkV2teqDuPiqUmaoZYVvO2MYrQaE6iR76h1Ls9yErirFuaaY1b6RW4JEL1uc5Evm-oZFCAiZpdFym8P-Goumf9g3g
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="vwvortex_com_profile.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1648
last-modified
Tue, 17 Nov 2020 18:45:17 GMT
server
cloudflare
etag
"2d5fc1b90eff8779c0905750547cbd9a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=mGE8Rg==, md5=LV/BuQ7/h3nAkFdQVHy9mg==
x-goog-generation
1605638717176398
content-type
image/webp
expires
Sat, 19 Nov 2022 07:45:06 GMT
cache-control
public, max-age=31536000
x-goog-stored-content-length
5211
accept-ranges
bytes
cf-ray
6b07d12f3fc5374d-MXP
cf-bgj
imgq:85,h2pri
broncoevforum_com_profile.png
images.platforum.cloud/logos/ 		966 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.platforum.cloud/logos/broncoevforum_com_profile.png
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f17be429d6d893cc308afc2a2ce4f9e4e9cff877cad4dcee6d01a26c8716f77e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
cf-cache-status
HIT
age
909682
cf-polished
origFmt=png, origSize=4295
x-guploader-uploadid
ADPycdvUNKLdhgVaDs58uV5cT0TrzsS6qj5CV4uPhl4nN5X955pCanRSUn2LEUOa0gl-2a0u5cKnfDESWmCfHFchkg
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="broncoevforum_com_profile.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
966
last-modified
Fri, 04 Jun 2021 16:02:14 GMT
server
cloudflare
etag
"c9b911bf3a32906b67b747aa6b254e35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=fNjP7g==, md5=ybkRvzoykGtnt0eqayVONQ==
x-goog-generation
1622822534623396
content-type
image/webp
expires
Sat, 19 Nov 2022 07:45:06 GMT
cache-control
public, max-age=31536000
x-goog-stored-content-length
4295
accept-ranges
bytes
cf-ray
6b07d12f3fc8374d-MXP
cf-bgj
imgq:85,h2pri
jquery-3.4.1.min.js
www.kanyetothe.com/js/vendor/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/vendor/jquery/jquery-3.4.1.min.js?_v=5eaf8cf0
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
x-envoy-upstream-service-time
7
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-9z9vf
last-modified
Thu, 11 Nov 2021 19:15:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e9affedbb-CDG
expires
Wed, 16 Nov 2022 15:39:42 GMT
vendor-compiled.js
www.kanyetothe.com/js/vendor/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/vendor/vendor-compiled.js?_v=5eaf8cf0
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad8d29ad3f919472a8071eca65a4f30cb629b4bab9a5c2ad23f414f03b3f1bf5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=71432
x-envoy-upstream-service-time
5
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-bsmjc
last-modified
Thu, 11 Nov 2021 19:15:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12e9b02edbb-CDG
cf-bgj
minify
core-compiled.js
www.kanyetothe.com/js/xf/ 		197 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/xf/core-compiled.js?_v=5eaf8cf0
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
113278609b46bb7d4d5b51f13a300074ac6083526d5e3178161f57c780ccd457
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=201980
x-envoy-upstream-service-time
10
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-64g8b
last-modified
Thu, 11 Nov 2021 19:15:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12eab1bedbb-CDG
cf-bgj
minify
featured-thread-tracking.8ae5e66a0f1596339710.js
www.kanyetothe.com/js/california/dist/ 		340 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/dist/featured-thread-tracking.8ae5e66a0f1596339710.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82b0f43d1a0f7e197b7cad88a2a413b1723f4a797f37287eb8054148caaa400e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
276703
cf-polished
origSize=414
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-3d5746c5-db9dfc-nvvsd
last-modified
Mon, 08 Nov 2021 17:02:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 16 Nov 2022 02:53:23 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ebb22edbb-CDG
cf-bgj
minify
home-scripts.387103a6fcfe95e2fa14.js
www.kanyetothe.com/js/california/dist/ 		682 B
504 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/dist/home-scripts.387103a6fcfe95e2fa14.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e64001af2e54cb9056f143e4f42eecccbaead157a5382ef9ada9f802571e1cc8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
834791
cf-polished
origSize=744
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-3d5746c5-db9dfc-scvqq
last-modified
Mon, 08 Nov 2021 17:02:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 09 Nov 2022 15:51:55 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ebb23edbb-CDG
cf-bgj
minify
homepagev2.7ef95490dae9a540e102.js
www.kanyetothe.com/js/california/dist/ 		415 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/dist/homepagev2.7ef95490dae9a540e102.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3674edd301b537f3af5f076a2f3ed9d6db024df26d51e785b16edb497197aaf0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
227084
cf-polished
origSize=424724
x-envoy-upstream-service-time
10
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-tz296
last-modified
Thu, 11 Nov 2021 19:17:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 16 Nov 2022 16:40:22 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ebb24edbb-CDG
cf-bgj
minify
california-sidebar.js
www.kanyetothe.com/js/california/src/ 		1 KB
484 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/src/california-sidebar.js?_v=5eaf8cf0
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f212a5e3352291f258178ecc15e076811104b3a6dab6fb99737e5b6b1492cc1f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
227084
cf-polished
origSize=1620
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-gfhmz
last-modified
Thu, 11 Nov 2021 19:15:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 16 Nov 2022 16:40:22 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ebb27edbb-CDG
cf-bgj
minify
display-ads.1ea39fe10efa79abd16d.js
www.kanyetothe.com/js/california/dist/ 		38 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/dist/display-ads.1ea39fe10efa79abd16d.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
547eeb26f77d91eddcb169ea10ebfe19ff547c725c7c3af055914f2ecdb61a35
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=39090
x-envoy-upstream-service-time
4
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-7lpds
last-modified
Thu, 11 Nov 2021 19:17:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ebb28edbb-CDG
cf-bgj
minify
action-override.1bf64fa1bccc96a30c41.js
www.kanyetothe.com/js/california/dist/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/dist/action-override.1bf64fa1bccc96a30c41.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ee7732c64d91bff16acbe1f889e1bc3c81a9ef3c9f2d5d6cdcfa2be7b1f2cc5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=2799
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-qz2d7
last-modified
Thu, 11 Nov 2021 19:17:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ebb29edbb-CDG
cf-bgj
minify
california-gallery.0f3f0a46494ce5d119cc.js
www.kanyetothe.com/js/california/dist/ 		1 KB
774 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/dist/california-gallery.0f3f0a46494ce5d119cc.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2c59f90ff4d8c01067bc884a2844afd20624e56eed0878bde979e3124211543
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
617747
cf-polished
origSize=1557
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-3d5746c5-db9dfc-scvqq
last-modified
Mon, 08 Nov 2021 17:02:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Sat, 12 Nov 2022 04:09:19 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ebb2aedbb-CDG
cf-bgj
minify
welcome-back.f7af9beada9f2c8d9a14.js
www.kanyetothe.com/js/california/dist/ 		360 B
351 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/dist/welcome-back.f7af9beada9f2c8d9a14.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1729059e99f251d3ddca6621cd10dc5f5d5caca42ff08ade757c0dc2ae62776
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
278729
cf-polished
origSize=422
x-envoy-upstream-service-time
3
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-3d5746c5-db9dfc-nzdzd
last-modified
Mon, 08 Nov 2021 17:02:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 16 Nov 2022 02:19:37 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ebb2bedbb-CDG
cf-bgj
minify
value-to-follow.1a31074ffccb5ca0a702.js
www.kanyetothe.com/js/california/dist/ 		865 B
554 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/dist/value-to-follow.1a31074ffccb5ca0a702.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a122d26ed01c1c19d11fc6b2568c2f57c6a55d97fad424949fa6ae38e8b024d4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
278729
cf-polished
origSize=930
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-3d5746c5-db9dfc-ztzc6
last-modified
Mon, 08 Nov 2021 17:02:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 16 Nov 2022 02:19:37 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ebb2dedbb-CDG
cf-bgj
minify
desktop-adhesion-close.841b9fc912b9743a4d1c.js
www.kanyetothe.com/js/california/dist/ 		1 KB
687 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/dist/desktop-adhesion-close.841b9fc912b9743a4d1c.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3a8f01160163a5872b52eff1f7e59e905d5b11ed426ad4d043eb55bbcb45e7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=1427
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-fhtgj
last-modified
Thu, 11 Nov 2021 19:17:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ebb2eedbb-CDG
cf-bgj
minify
store.legacy.min.js
www.kanyetothe.com/js/vendor/storejs/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/vendor/storejs/store.legacy.min.js?_v=5eaf8cf0
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b70a52d159d5b5ae8cd55c2e89b3b1856cd7a0810292bc264c0cef2ec8da1b8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-7cspx
last-modified
Thu, 11 Nov 2021 19:15:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ebb2fedbb-CDG
expires
Wed, 16 Nov 2022 15:39:42 GMT
search-autocomplete.1f538972ad628f27f0f2.js
www.kanyetothe.com/js/california/dist/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/dist/search-autocomplete.1f538972ad628f27f0f2.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68909bbc9daacba9218ab44ec0737af803d0f6b32362c1c390bd067c080b4318
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
617747
cf-polished
origSize=3310
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-3d5746c5-db9dfc-vns9c
last-modified
Mon, 08 Nov 2021 17:02:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Sat, 12 Nov 2022 04:09:19 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ebb30edbb-CDG
cf-bgj
minify
runtime.4b1f68ef9d4c1e47ee0b.js
www.kanyetothe.com/js/california/dist/ 		1 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/dist/runtime.4b1f68ef9d4c1e47ee0b.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05eedcadbc036fafa32486ac0874cb1c46c236478b22fddc061a3db6860caa45
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
7852168
cf-polished
origSize=1506
x-envoy-upstream-service-time
3
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-7f86610d-66fbcb6ff8-qcnkd
last-modified
Thu, 19 Aug 2021 16:31:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Sat, 20 Aug 2022 10:35:38 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ebb31edbb-CDG
cf-bgj
minify
structure-override.6019fbc5e5e92c19b28f.js
www.kanyetothe.com/js/california/dist/ 		963 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/dist/structure-override.6019fbc5e5e92c19b28f.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8cf88fb98b3296aa84364849b4aea1fac2453eff4df7cfb84c26efaf9016b24
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
839386
cf-polished
origSize=1031
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-3d5746c5-db9dfc-zhwhm
last-modified
Mon, 08 Nov 2021 17:02:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 09 Nov 2022 14:35:19 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ebb32edbb-CDG
cf-bgj
minify
unregister-serviceworkers.ca767b5eb75ef1e3b24f.js
www.kanyetothe.com/js/california/dist/ 		366 B
352 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/dist/unregister-serviceworkers.ca767b5eb75ef1e3b24f.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7937da9ef8d33c9a315a34aa66b11a8d783339b2a50ac5fe7af63a357c854c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
839386
cf-polished
origSize=441
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-3d5746c5-db9dfc-58q7l
last-modified
Mon, 08 Nov 2021 17:02:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 09 Nov 2022 14:35:19 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ebb33edbb-CDG
cf-bgj
minify
tooltip-override.79ffde08a65ff02738f4.js
www.kanyetothe.com/js/california/dist/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/dist/tooltip-override.79ffde08a65ff02738f4.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04eef0864066cd99e53c320b4043c2aa1300fa77b1c202d5d5c8d46e7de4a70a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
839386
cf-polished
origSize=14693
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-3d5746c5-db9dfc-wlc8s
last-modified
Mon, 08 Nov 2021 17:02:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 09 Nov 2022 14:35:19 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ebb34edbb-CDG
cf-bgj
minify
form-override.a486cffbdf78782bdbde.js
www.kanyetothe.com/js/california/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/dist/form-override.a486cffbdf78782bdbde.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f481ebf25806a1c681c2d4029eb083009b77d9abae859d7e5cbe56b1d2c641ce
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
276703
cf-polished
origSize=2043
x-envoy-upstream-service-time
3
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-3d5746c5-db9dfc-6rhq6
last-modified
Mon, 08 Nov 2021 17:02:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 16 Nov 2022 02:53:23 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ebb35edbb-CDG
cf-bgj
minify
push-notification-override.fe30828d73fdfbc5a352.js
www.kanyetothe.com/js/california/dist/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/dist/push-notification-override.fe30828d73fdfbc5a352.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a73a99fc19939f6cbcb8bb0ec7a641a515ceebc2ce80de20185b1976409ffaa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
839386
cf-polished
origSize=2724
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-3d5746c5-db9dfc-nvvsd
last-modified
Mon, 08 Nov 2021 17:02:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 09 Nov 2022 14:35:19 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ebb36edbb-CDG
cf-bgj
minify
california_time.js
www.kanyetothe.com/js/california/static/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/static/california_time.js?_v=5eaf8cf0
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e5f730223c1796d4f60ec39aa9cfd7ffcc5b069be8da5991ac8b14d6ef47610
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=5256
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-8c7xg
last-modified
Thu, 11 Nov 2021 19:15:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ebb38edbb-CDG
cf-bgj
minify
gtm.js
www.googletagmanager.com/ 		199 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NRZJZTJ
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b2f638c6424109f9be791aa06b37e83395aa8120175531d2138e59f16e768ab0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61284
x-xss-protection
0
last-modified
Fri, 19 Nov 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 19 Nov 2021 07:45:06 GMT
onetap
www.kanyetothe.com/login/ Frame 4081 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/login/onetap
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
feec8e9e8adfcddf8be0cb7bc79268e0c6961c8e9de49b25ce1f802f74f0687e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
last-modified
Fri, 19 Nov 2021 07:45:06 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
private, no-cache, max-age=0
vary
Accept-Encoding
x-cluster-node
xenforo-f077e16b-765d7696cb-j7mfg
x-ua-compatible
IE=Edge,chrome=1
content-security-policy
upgrade-insecure-requests
x-envoy-upstream-service-time
59
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b07d12ecb4eedbb-CDG
content-encoding
br
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d60e7952fefe8ea9b2039e08d95ea43d656b6fe92742556c2e8023303cf251fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
new-navigation-icon.svg
www.kanyetothe.com/styles/default/California/ 		613 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/styles/default/California/new-navigation-icon.svg
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/css.php?css=public%3Aextra.less&cali-viewmode=card&s=9&d=1637076959
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbcd7af53169dd62d731982b9cd8acc2913330610ccf733662846e88e155b2fb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/css.php?css=public%3Aextra.less&cali-viewmode=card&s=9&d=1637076959
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
615593
x-envoy-upstream-service-time
1
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-3d5746c5-db9dfc-svkl8
last-modified
Mon, 08 Nov 2021 16:59:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ecb50edbb-CDG
expires
Sat, 12 Nov 2022 04:45:13 GMT
forum-navigation-icon.svg
www.kanyetothe.com/styles/default/California/ 		699 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/styles/default/California/forum-navigation-icon.svg
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/css.php?css=public%3Aextra.less&cali-viewmode=card&s=9&d=1637076959
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
164f11af66705aac8d65b627683abea0be000388c7d396ea9c69dffd976c7f4b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/css.php?css=public%3Aextra.less&cali-viewmode=card&s=9&d=1637076959
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
276702
x-envoy-upstream-service-time
1
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-3d5746c5-db9dfc-nvvsd
last-modified
Mon, 08 Nov 2021 16:59:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ecb52edbb-CDG
expires
Wed, 16 Nov 2022 02:53:23 GMT
login-icon-white.svg
www.kanyetothe.com/styles/default/California/ 		313 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/styles/default/California/login-icon-white.svg
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/css.php?css=public%3Aextra.less&cali-viewmode=card&s=9&d=1637076959
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a17e50a5f6fa130fadf1adf5cf538f131e679eeb8d00cf9025756b48faf94e99
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/css.php?css=public%3Aextra.less&cali-viewmode=card&s=9&d=1637076959
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
7777371
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-7f86610d-66fbcb6ff8-hqqvf
last-modified
Thu, 19 Aug 2021 16:12:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ecb54edbb-CDG
expires
Sun, 21 Aug 2022 07:22:15 GMT
ellipsis-white-large.svg
www.kanyetothe.com/styles/default/California/ 		372 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/styles/default/California/ellipsis-white-large.svg
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/css.php?css=public%3Aextra.less&cali-viewmode=card&s=9&d=1637076959
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63218477707b25395a19bf6b905ef27eed13e322e1009208eeda6d96fc98831e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/css.php?css=public%3Aextra.less&cali-viewmode=card&s=9&d=1637076959
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
8035472
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-7f86610d-7f86bcc6-pv2zc
last-modified
Thu, 12 Aug 2021 17:29:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ecb56edbb-CDG
expires
Thu, 18 Aug 2022 07:40:34 GMT
discussion-icon-white.svg
www.kanyetothe.com/styles/default/California/ 		558 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/styles/default/California/discussion-icon-white.svg
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/css.php?css=public%3Acalifornia_featured_threads.less&cali-viewmode=card&s=9&d=1637076959
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d46b4ce496fa7cbe05d43445a9b3a1f59c76965250f703d1637b62813615bdad
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/css.php?css=public%3Acalifornia_featured_threads.less&cali-viewmode=card&s=9&d=1637076959
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
2935836
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-3bddc9ff-59475ff845-kspgk
last-modified
Thu, 07 Oct 2021 18:27:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ecb59edbb-CDG
expires
Sun, 16 Oct 2022 08:14:30 GMT
arrow-right-teal.svg
www.kanyetothe.com/styles/default/California/ 		368 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/styles/default/California/arrow-right-teal.svg
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/css.php?css=public%3Aextra.less&cali-viewmode=card&s=9&d=1637076959
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35429af42b2abf4801fef47f4804b95af072e8704837c1637477096550c47d81
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/css.php?css=public%3Aextra.less&cali-viewmode=card&s=9&d=1637076959
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
5707007
x-envoy-upstream-service-time
32
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-21388f8f-776cdbc5fd-rw2cr
last-modified
Tue, 07 Sep 2021 19:35:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ecb5cedbb-CDG
expires
Wed, 14 Sep 2022 06:28:19 GMT
fora-logo.svg
www.kanyetothe.com/styles/default/California/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/styles/default/California/fora-logo.svg
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/css.php?css=public%3Aextra.less&cali-viewmode=card&s=9&d=1637076959
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10f2609fb8414f691940e125e0644deeeb7a15dbcb8a89e756865938330f31ff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/css.php?css=public%3Aextra.less&cali-viewmode=card&s=9&d=1637076959
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
8035472
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-7f86610d-7f86bcc6-mtn6d
last-modified
Thu, 12 Aug 2021 17:29:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ecb60edbb-CDG
expires
Thu, 18 Aug 2022 07:40:34 GMT
bbb-logo.svg
www.kanyetothe.com/styles/default/California/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/styles/default/California/bbb-logo.svg
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/css.php?css=public%3Aextra.less&cali-viewmode=card&s=9&d=1637076959
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df1d2cf5425c844da8ec2a4eb0bff3bb9a2a6c17279222611d5295559599bdac
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/css.php?css=public%3Aextra.less&cali-viewmode=card&s=9&d=1637076959
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
615593
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-3d5746c5-db9dfc-vmcqb
last-modified
Mon, 08 Nov 2021 16:59:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12ecb62edbb-CDG
expires
Sat, 12 Nov 2022 04:45:13 GMT
fa-light-300-subset.v12.woff2
www.kanyetothe.com/styles/fonts/fa/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/styles/fonts/fa/fa-light-300-subset.v12.woff2
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/css.php?css=public%3Acore.less&cali-viewmode=card&s=9&d=1637076959
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9425a3d0a5e84066981c2a8515c8a233cddeae94b2cc6462fd66a1d72a6acfe8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.kanyetothe.com/css.php?css=public%3Acore.less&cali-viewmode=card&s=9&d=1637076959
Origin
https://www.kanyetothe.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
732427
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26944
x-cluster-node
xenforo-3d5746c5-db9dfc-4vkk4
x-ua-compatible
IE=Edge,chrome=1
last-modified
Mon, 08 Nov 2021 16:59:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-font-woff
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d12edb67edbb-CDG
expires
Thu, 10 Nov 2022 20:17:59 GMT
/
www.kanyetothe.com/cdn-cgi/image/format=auto,onerror=redirect,width=700,height=700,fit=scale-down/https://kanyetothe.com/attachments/thank-you-god-distrokid-jpeg.1325/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/cdn-cgi/image/format=auto,onerror=redirect,width=700,height=700,fit=scale-down/https://kanyetothe.com/attachments/thank-you-god-distrokid-jpeg.1325/
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a8556f986f67dd1f06456e0bedcf9b5cb298b5989f157d42196fc6fc36ee6e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
49763
last-modified
Wed, 17 Nov 2021 22:00:31 GMT
server
cloudflare
etag
"cfnDh1rZYncB9Ps6rV3j7ZAQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
public, max-age=31536000
cf-resized
internal=ok/h q=0 n=302 c=478 v=2021.11.7 l=49763
accept-ranges
bytes
cf-ray
6b07d12f8c3eedbb-CDG
cf-bgj
imgq:85,h2pri
/
www.kanyetothe.com/cdn-cgi/image/format=auto,onerror=redirect,width=700,height=700,fit=scale-down/https://kanyetothe.com/attachments/2-laa-jpeg.1327/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/cdn-cgi/image/format=auto,onerror=redirect,width=700,height=700,fit=scale-down/https://kanyetothe.com/attachments/2-laa-jpeg.1327/
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b0f1ea57afa2f350afa3a3bc389f131d43a8568197061929233bac41aadaca0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10646
last-modified
Tue, 16 Nov 2021 06:55:19 GMT
server
cloudflare
etag
"cfOSgbvACqVbies7RzMvHHRA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
public, max-age=31536000
cf-resized
internal=ok/h q=0 n=246 c=1621 v=2021.11.7 l=10646
accept-ranges
bytes
cf-ray
6b07d12f8c40edbb-CDG
cf-bgj
imgq:85,h2pri
/
www.kanyetothe.com/cdn-cgi/image/format=auto,onerror=redirect,width=700,height=700,fit=scale-down/https://kanyetothe.com/attachments/8bc310e4-bb37-4571-8cbb-e37d146c7b49-jpeg.1317/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/cdn-cgi/image/format=auto,onerror=redirect,width=700,height=700,fit=scale-down/https://kanyetothe.com/attachments/8bc310e4-bb37-4571-8cbb-e37d146c7b49-jpeg.1317/
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
632eff7d4589ccfa8b28a6c50da1cca3f594eebbab772575fd71ed67ddc635eb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14847
last-modified
Thu, 18 Nov 2021 08:43:59 GMT
server
cloudflare
etag
"cf-O4xUNU_C0Fmvi0XD3X3sg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
public, max-age=31536000
cf-resized
internal=ok/h q=0 n=223 c=1070 v=2021.11.7 l=14847
accept-ranges
bytes
cf-ray
6b07d12f8c42edbb-CDG
cf-bgj
imgq:85,h2pri
content-feed
www.kanyetothe.com/ 		41 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/content-feed?pageNumber=1
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/js/california/dist/homepagev2.7ef95490dae9a540e102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf34f8924fc487173a26413f30c0214e163be16694a3d4f0725fe5ec4f4562a7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.kanyetothe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
437
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-r5cgr
x-ua-compatible
IE=Edge,chrome=1
last-modified
Fri, 19 Nov 2021 07:45:06 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, no-cache, max-age=0
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12f9c57edbb-CDG
expires
Thu, 19 Nov 1981 08:52:00 GMT
chevron-teal.svg
www.kanyetothe.com/styles/default/California/ 		282 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/styles/default/California/chevron-teal.svg
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/css.php?css=public%3Afeed.less&cali-viewmode=card&s=9&d=1637076959
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7692140e621c79437fef1a789a47757de871531bbb1941e1fae16b863da2b3cb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/css.php?css=public%3Afeed.less&cali-viewmode=card&s=9&d=1637076959
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
7773242
x-envoy-upstream-service-time
8
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-7f86610d-66fbcb6ff8-br9bm
last-modified
Thu, 19 Aug 2021 16:12:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d12fac66edbb-CDG
expires
Sun, 21 Aug 2022 08:31:03 GMT
pubads_impl_2021111501.js
securepubads.g.doubleclick.net/gpt/ 		345 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
be5913c6e9820dae39a9bdadbd7bfd525f076299fe92ac078cc668abc56d9550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118768
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 09:34:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 19 Nov 2021 07:45:06 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		72 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.kanyetothe.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
2ff9620e44b6cf2332aa7916280f95df07774b5cde88c8a9717f94caa897b26a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
server
cafe
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 19 Nov 2021 07:45:06 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRZJZTJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2639
date
Fri, 19 Nov 2021 07:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 19 Nov 2021 09:01:07 GMT
130832X1600937.skimlinks.js
s.skimresources.com/js/ 		55 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/130832X1600937.skimlinks.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRZJZTJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08c1ecb42fb01fd19cab3bced6c29c897aba0fc32bf423d6bb7745b767bcaa85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 09:38:21 GMT
server
AmazonS3
x-amz-request-id
TNZ0N558ZDXSRXSR
etag
"1943c82016fefa6671d50489fe68d787"
x-hw
1637307906.cds140.fr8.hn,1637307906.cds148.fr8.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
20585
x-amz-id-2
55YrQ1Pl4/TvkUZfh98JUatw9CutiAtcgmrqHXZlCz2zo41uXYpbkQp9EjGMt0vRJjP54scpWDg=
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036030&ns__t=1637307906563&ns_c=UTF-8&c8=Kanye%20to%20The&c7=https%3A%2F%2Fwww.kanyetothe.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036030&ns__t=1637307906563&ns_c=UTF-8&c8=Kanye%20to%20The&c7=https%3A%2F%2Fwww.kanyetothe.com%2F&c9=
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6036030&ns__t=1637307906563&ns_c=UTF-8&c8=Kanye%20to%20The&c7=https%3A%2F%2Fwww.kanyetothe.com%2F&c9=
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Server
143.204.98.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-125.fra50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
2VTjJLe5iTI1pBwzDHQgHTAoOuDxe7a8xZk0Tdt7PZXq-ds3XkiGEw==

Redirect headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6036030&ns__t=1637307906563&ns_c=UTF-8&c8=Kanye%20to%20The&c7=https%3A%2F%2Fwww.kanyetothe.com%2F&c9=
content-length
167
x-amz-cf-id
L0zkn77kF5a5w2i7YLcssnhYYzXOgYs45zScbh-a4EsmnTiEeAAoiQ==
top-forums
www.kanyetothe.com/v1/nodes/ 		864 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/v1/nodes/top-forums
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/js/california/dist/homepagev2.7ef95490dae9a540e102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78ef5d4ce170840ea542462ddb7a1dbbbda7347a54c417d731f360bc66291f9c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.kanyetothe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
57
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-x6jnl
x-ua-compatible
IE=Edge,chrome=1
last-modified
Fri, 19 Nov 2021 07:45:06 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, no-cache, max-age=0
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d1305d23edbb-CDG
expires
Thu, 19 Nov 1981 08:52:00 GMT
fa-regular-400-subset.v12.woff2
www.kanyetothe.com/styles/fonts/fa/ Frame 4081 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/styles/fonts/fa/fa-regular-400-subset.v12.woff2
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/login/onetap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b18c42ffdcad46b3a629de1d3180e62059d0a448b9cff921f3b7ae51f36f4efb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.kanyetothe.com/login/onetap
Origin
https://www.kanyetothe.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
276703
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
25312
x-cluster-node
xenforo-3d5746c5-db9dfc-m6khc
x-ua-compatible
IE=Edge,chrome=1
last-modified
Mon, 08 Nov 2021 16:59:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-font-woff
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d1308d4eedbb-CDG
expires
Wed, 16 Nov 2022 02:53:23 GMT
fa-solid-900-subset.v12.woff2
www.kanyetothe.com/styles/fonts/fa/ Frame 4081 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/styles/fonts/fa/fa-solid-900-subset.v12.woff2
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/login/onetap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2de7d20fa6e3e31cb063e278d7e5505b7ca77f75c985e5da59c939ca61bf740a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.kanyetothe.com/login/onetap
Origin
https://www.kanyetothe.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
278730
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21116
x-cluster-node
xenforo-3d5746c5-db9dfc-zhnnb
x-ua-compatible
IE=Edge,chrome=1
last-modified
Mon, 08 Nov 2021 16:59:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-font-woff
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d1308d50edbb-CDG
expires
Wed, 16 Nov 2022 02:19:36 GMT
fa-brands-400-subset.v12.woff2
www.kanyetothe.com/styles/fonts/fa/ Frame 4081 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/styles/fonts/fa/fa-brands-400-subset.v12.woff2
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/login/onetap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
299486b774aba5f7d2d4d1044f6c531a92d4d97f0c1e5c5c8088a6957095efcd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.kanyetothe.com/login/onetap
Origin
https://www.kanyetothe.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
278729
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6540
x-cluster-node
xenforo-3d5746c5-db9dfc-m6khc
x-ua-compatible
IE=Edge,chrome=1
last-modified
Mon, 08 Nov 2021 16:59:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-font-woff
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d1308d52edbb-CDG
expires
Wed, 16 Nov 2022 02:19:36 GMT
css.php
www.kanyetothe.com/ Frame 4081 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Anormalize.css&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/login/onetap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6b615f9673ad5acda73617d617511c3f573dc0d655dc9c488f44bacd594b4ce
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/login/onetap
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=2134
x-envoy-upstream-service-time
17
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-zxwlz
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d1308d51edbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ Frame 4081 		278 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Acore.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/login/onetap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e99b7314d99489492e01db55e20377f857f7979c970ba8ae5651ea86e173f1b8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/login/onetap
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=285457
x-envoy-upstream-service-time
25
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-bsmjc
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d1308d55edbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ Frame 4081 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Aapp.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/login/onetap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2a5ee861141788f09d0bc2bae50da4e95b50cb1f254fe35389fa27402ce8dc3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/login/onetap
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=28386
x-envoy-upstream-service-time
16
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-tj6tn
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d1308d56edbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ Frame 4081 		3 KB
920 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Aone_tap.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/login/onetap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c6c5e3270c6d3c4f69307209aa20a2b0e13834bca01d21657775babfe5f9ee0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/login/onetap
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230457
cf-polished
origSize=2805
x-envoy-upstream-service-time
18
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-4gj8d
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 15:44:09 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d1308d58edbb-CDG
cf-bgj
minify
css.php
www.kanyetothe.com/ Frame 4081 		54 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/css.php?css=public%3Aextra.less&cali-viewmode=card&s=9&d=1637076959
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/login/onetap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65ac0a146b18624b9856c1fa22d640007b4a456c2f7e87adfe143b1cf9fc9f37
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/login/onetap
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=56359
x-envoy-upstream-service-time
17
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-vb9tw
x-ua-compatible
IE=Edge,chrome=1
last-modified
Tue, 16 Nov 2021 15:35:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d1308d59edbb-CDG
cf-bgj
minify
preamble.min.js
www.kanyetothe.com/js/california/static/ Frame 4081 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/static/preamble.min.js?_v=5eaf8cf0
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/login/onetap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe25a0c734bc5c9599b8bcd62c1018a66d8699678d0f7858f1fbb2b01bec082
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/login/onetap
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-nqfwn
last-modified
Thu, 11 Nov 2021 19:15:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d1308d5aedbb-CDG
expires
Wed, 16 Nov 2022 15:39:42 GMT
one-tap.js
www.kanyetothe.com/js/california/src/ Frame 4081 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/src/one-tap.js?_v=5eaf8cf0
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/login/onetap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d753fc5b35714816c5e961936dee68540e12127ff84462569639e59a2ca2ad0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/login/onetap
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230457
cf-polished
origSize=11731
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-64g8b
last-modified
Thu, 11 Nov 2021 19:15:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 16 Nov 2022 15:44:09 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d1308d5bedbb-CDG
cf-bgj
minify
client
accounts.google.com/gsi/ Frame 4081 		182 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/login/onetap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
237f9cd58dc7a9ca94941e61330960c620e6b39577fcb5043706aa24fd4108dc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9diVykBK8UB+AbIWw4u82g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
content-security-policy
script-src 'report-sample' 'nonce-9diVykBK8UB+AbIWw4u82g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"
expires
Fri, 19 Nov 2021 07:45:06 GMT
jquery-3.4.1.min.js
www.kanyetothe.com/js/vendor/jquery/ Frame 4081 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/vendor/jquery/jquery-3.4.1.min.js?_v=5eaf8cf0
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/login/onetap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/login/onetap
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
x-envoy-upstream-service-time
7
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-9z9vf
last-modified
Thu, 11 Nov 2021 19:15:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d1308d5cedbb-CDG
expires
Wed, 16 Nov 2022 15:39:42 GMT
vendor-compiled.js
www.kanyetothe.com/js/vendor/ Frame 4081 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/vendor/vendor-compiled.js?_v=5eaf8cf0
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/login/onetap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad8d29ad3f919472a8071eca65a4f30cb629b4bab9a5c2ad23f414f03b3f1bf5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/login/onetap
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=71432
x-envoy-upstream-service-time
5
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-bsmjc
last-modified
Thu, 11 Nov 2021 19:15:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d1308d5dedbb-CDG
cf-bgj
minify
core-compiled.js
www.kanyetothe.com/js/xf/ Frame 4081 		197 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/xf/core-compiled.js?_v=5eaf8cf0
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/login/onetap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
113278609b46bb7d4d5b51f13a300074ac6083526d5e3178161f57c780ccd457
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/login/onetap
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=201980
x-envoy-upstream-service-time
10
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-64g8b
last-modified
Thu, 11 Nov 2021 19:15:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d1308d5fedbb-CDG
cf-bgj
minify
store.legacy.min.js
www.kanyetothe.com/js/vendor/storejs/ Frame 4081 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/vendor/storejs/store.legacy.min.js?_v=5eaf8cf0
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/login/onetap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b70a52d159d5b5ae8cd55c2e89b3b1856cd7a0810292bc264c0cef2ec8da1b8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/login/onetap
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-7cspx
last-modified
Thu, 11 Nov 2021 19:15:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d1308d60edbb-CDG
expires
Wed, 16 Nov 2022 15:39:42 GMT
search-autocomplete.1f538972ad628f27f0f2.js
www.kanyetothe.com/js/california/dist/ Frame 4081 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/dist/search-autocomplete.1f538972ad628f27f0f2.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/login/onetap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68909bbc9daacba9218ab44ec0737af803d0f6b32362c1c390bd067c080b4318
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/login/onetap
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
617747
cf-polished
origSize=3310
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-3d5746c5-db9dfc-vns9c
last-modified
Mon, 08 Nov 2021 17:02:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Sat, 12 Nov 2022 04:09:19 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d1309d61edbb-CDG
cf-bgj
minify
california_time.js
www.kanyetothe.com/js/california/static/ Frame 4081 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kanyetothe.com/js/california/static/california_time.js?_v=5eaf8cf0
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/login/onetap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e5f730223c1796d4f60ec39aa9cfd7ffcc5b069be8da5991ac8b14d6ef47610
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/login/onetap
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
230724
cf-polished
origSize=5256
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-f077e16b-765d7696cb-8c7xg
last-modified
Thu, 11 Nov 2021 19:15:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 16 Nov 2022 15:39:42 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d1309d62edbb-CDG
cf-bgj
minify
robots.txt
t.skimresources.com/api/v2/ Frame 832D 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.2947905120323824
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
clear
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=10.048419279719585
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=10.048419279719585
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
collect
www.google-analytics.com/j/ 		1 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1588507900&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kanyetothe.com%2F&ul=en-us&de=UTF-8&dt=Kanye%20to%20The&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=15520748&gjid=1322006048&cid=133400659.1637307907&tid=UA-45305421-4&_gid=667593450.1637307907&_r=1&gtm=2wgba1NRZJZTJ&cd1=guest&cd2=card&z=1069157405
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kanyetothe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kanyetothe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
r.skimresources.com/api/ 		177 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/130832X1600937.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
7f0b0d90497c4044aba405c257367cbcc76a706af25929b5f00e88faf593278b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kanyetothe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://www.kanyetothe.com
vary
Accept-Encoding
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
choice.js
quantcast.mgr.consensu.org/choice/rpuuC0TtTLKAz/www.kanyetothe.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/rpuuC0TtTLKAz/www.kanyetothe.com/choice.js?timestamp=1637307906734
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/vs.kanyetothe.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44ca8b8cf02aa2cd9e272540e25d484e7a98e89c1e78db7f9df27a8fef8acc85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 19 Nov 2021 07:45:07 GMT
content-encoding
br
last-modified
Sat, 09 Jan 2021 04:30:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"7d615154cedd1e52b103e76a114f4e21"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
o4DgvS2113Bs5um6c_6kq1eohg4_KQ73XNi7fBzDhk9nc1ypFHy6rA==
page
t.skimresources.com/api/v2/ 		22 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/130832X1600937.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kanyetothe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.kanyetothe.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
discussion-icon-black.svg
www.kanyetothe.com/styles/default/California/ 		558 B
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/styles/default/California/discussion-icon-black.svg
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/css.php?css=public%3Anode_list.less&cali-viewmode=card&s=9&d=1637076959
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01df2df3715d6d8087abea2a4285154ff55020c1b836a60d21b378b03c7000c9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/css.php?css=public%3Anode_list.less&cali-viewmode=card&s=9&d=1637076959
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
5720681
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-21388f8f-776cdbc5fd-v9p6v
last-modified
Tue, 07 Sep 2021 19:35:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d131ce91edbb-CDG
expires
Wed, 14 Sep 2022 02:40:25 GMT
views-black.svg
www.kanyetothe.com/styles/default/California/ 		404 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/styles/default/California/views-black.svg
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/css.php?css=public%3Aextra.less&cali-viewmode=card&s=9&d=1637076959
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38e2b156afbfad278e452726d8a76658fe45dceb392b24f13d35d43e7d5b61d5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/css.php?css=public%3Aextra.less&cali-viewmode=card&s=9&d=1637076959
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 google
cf-cache-status
HIT
age
8035471
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-7f86610d-7f86bcc6-rfqm8
last-modified
Thu, 12 Aug 2021 17:29:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d131ce93edbb-CDG
expires
Thu, 18 Aug 2022 07:40:35 GMT
style
accounts.google.com/gsi/ Frame 4081 		658 B
687 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host:
URL: /_/gsi/_/js/k=gsi.gsi.de.Mb9zpnrv1Ng.O/am=chE/d=1/rs=AF0KOtXvOlFBAfK2yy2FXw1dpDhezlWKBg/m=gis_client_library
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
735896fb65aadc7751e4ce6bcd629f399f4f974cc9e36bab715e2a4536238609
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0dglh9Ao1HedV9KyCu1z8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-0dglh9Ao1HedV9KyCu1z8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /cspreport
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"
expires
Fri, 19 Nov 2021 07:45:07 GMT
status
accounts.google.com/gsi/ Frame 4081 		40 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=431759373883-bbdtoc4e2rtrlqb4vlpik2dl0jnm0f7l.apps.googleusercontent.com&as=nYPkzmHNuDp%2FeDpFB0mEDQ
Requested by
Host:
URL: /_/gsi/_/js/k=gsi.gsi.de.Mb9zpnrv1Ng.O/am=chE/d=1/rs=AF0KOtXvOlFBAfK2yy2FXw1dpDhezlWKBg/m=gis_client_library
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d3d21f5633abb2b89bbe44244e7ac3fa23aa26f37c58dda7f460bd26d2a82bc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-j02SPCi3r6WQxNIR+g96xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /cspreport
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kanyetothe.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-j02SPCi3r6WQxNIR+g96xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"
expires
Mon, 01 Jan 1990 00:00:00 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/23/ 		266 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/rpuuC0TtTLKAz/www.kanyetothe.com/choice.js?timestamp=1637307906734
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:44:37 GMT
content-encoding
br
age
56
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Fri, 18 Dec 2020 15:09:37 GMT
server
AmazonS3
etag
W/"1d55b13d85c9837da884d1e8594cc025"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-meta-qc-ineu
True
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Oxb0xL0IeFx7-ty_JDSFKDCvQFkRN2xGe9ee7MGDqaoGjIUUFnUXHQ==
vs.kanyetothe.com
e.deployads.com/e/ 		2 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/vs.kanyetothe.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/vs.kanyetothe.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.196.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-196-50.eu-west-1.compute.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.kanyetothe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 19 Nov 2021 07:45:07 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
cmp-list.json
test.quantcast.mgr.consensu.org/GVL-v2/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:dc00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91f0f7c572c50c1d67bfe7df208fdeac695c9c7bafd20d876fc3352c16ccab42

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.kanyetothe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 03:00:46 GMT
content-encoding
gzip
age
17061
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Fri, 05 Nov 2021 19:52:29 GMT
server
AmazonS3
etag
W/"a48521b7112bc88780bb74b7d674335b"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
BJO5z2rOcoUtttjDqeTIqAHlYS9zatJd
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA50-C1
content-type
application/json
x-amz-cf-id
94oafLKrA65rHHConY0LDav-33tD4IWS-Y8bhkMlkfnNo2fNMpxSnQ==
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6036030/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
143.204.98.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-125.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:23:20 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
1306
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
0
x-amz-cf-id
DEnwj1j8H-GAsPusWS8H84r2Bdt34Eypiu_4VlmT8Nsx8fJQyx0oUw==

Redirect headers

date
Fri, 19 Nov 2021 07:45:06 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
2xDQSStamJ4xtenVbup3nSHqdoii_cG1hbq2HfSs4fy4uynzwzi0Xg==
vendor-list.json
quantcast.mgr.consensu.org/GVL-v2/ 		294 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb8be4c08d8e3b75d889991571be947e23d0ca9eed7c8df0c662357a8cee1714

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 03:00:37 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
17071
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 19 Nov 2021 03:00:32 GMT
server
AmazonS3
etag
W/"180bef2d54f33db2d01df865a822952c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
cWHI8feXdKxMBx68M0V-7-9uXA0Hn6dcx33f6SFeFk2DxUAYtQMdrg==
1740388.jpg
www.kanyetothe.com/d3/avatars/m/1740/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/d3/avatars/m/1740/1740388.jpg?1636973431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37c58419b5ca1e7f0a9e93cb93ac360cd7315904300ee825318659719a1f588d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
via
1.1 google
cf-cache-status
HIT
age
322244
cf-polished
origSize=3943, status=vary_header_present
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3463
x-cluster-node
xenforo-3d5746c5-db9dfc-2jj9j
last-modified
Mon, 15 Nov 2021 10:50:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Host, Accept-Encoding
content-type
image/jpeg
expires
Tue, 15 Nov 2022 14:14:23 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d133783eedbb-CDG
cf-bgj
imgq:100,h2pri
1738666.jpg
www.kanyetothe.com/d3/avatars/m/1738/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/d3/avatars/m/1738/1738666.jpg?1627687427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
583bfdcb7f7c4e39a1881fe876211de21684863c3b9b1952bee5e4d62a4c54fd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
via
1.1 google
cf-cache-status
HIT
age
554022
cf-polished
origSize=3923, status=vary_header_present
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3487
x-cluster-node
xenforo-3d5746c5-db9dfc-8plwg
last-modified
Fri, 30 Jul 2021 23:23:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Host, Accept-Encoding
content-type
image/jpeg
expires
Sat, 12 Nov 2022 21:51:25 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d133783fedbb-CDG
cf-bgj
imgq:100,h2pri
1740477.jpg
www.kanyetothe.com/d3/avatars/m/1740/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/d3/avatars/m/1740/1740477.jpg?1637268633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
127bbb15ecf61caf6cd74121988316081091260c97da567969f7f50e034d4375
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
via
1.1 google
cf-cache-status
HIT
age
36094
cf-polished
origSize=1979, status=vary_header_present
x-envoy-upstream-service-time
7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1106
x-cluster-node
xenforo-f077e16b-765d7696cb-7jxp7
last-modified
Thu, 18 Nov 2021 20:50:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Host, Accept-Encoding
content-type
image/jpeg
expires
Fri, 18 Nov 2022 21:43:33 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d1337842edbb-CDG
cf-bgj
imgq:100,h2pri
1740475.jpg
www.kanyetothe.com/d3/avatars/m/1740/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/d3/avatars/m/1740/1740475.jpg?1637262224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89b4504db66c70d6c78955ea0349b45db7b13791b0cb240cd0365cb21851e3d1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
via
1.1 google
cf-cache-status
HIT
age
45679
cf-polished
origSize=22444, status=vary_header_present
x-envoy-upstream-service-time
4
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19887
x-cluster-node
xenforo-f077e16b-765d7696cb-9z9vf
last-modified
Thu, 18 Nov 2021 19:03:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Host, Accept-Encoding
content-type
image/jpeg
expires
Fri, 18 Nov 2022 19:03:48 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d1337845edbb-CDG
cf-bgj
imgq:100,h2pri
1738633.jpg
www.kanyetothe.com/d3/avatars/m/1738/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/d3/avatars/m/1738/1738633.jpg?1627439463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8321eff2e39cf5a76b3388cede8a72e913471f3dcaf7f9aa5644cc4d91316b6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
via
1.1 google
cf-cache-status
HIT
age
7269475
cf-polished
origSize=4881, status=vary_header_present
x-envoy-upstream-service-time
5
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3965
x-cluster-node
xenforo-07577d5f-5f88484bf-tq4g5
last-modified
Wed, 28 Jul 2021 02:31:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Host, Accept-Encoding
content-type
image/jpeg
expires
Sat, 27 Aug 2022 04:27:12 GMT
cache-control
max-age=2592000, public
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d1337846edbb-CDG
cf-bgj
imgq:100,h2pri,csam-hash
1740462.jpg
www.kanyetothe.com/d3/avatars/m/1740/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/d3/avatars/m/1740/1740462.jpg?1637215673
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29b2ebfd1ee5894de2fe7c188cfb132e4c2d1937ebb460c7b54a2b8c14996905
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
via
1.1 google
cf-cache-status
HIT
age
91967
cf-polished
origSize=19587, status=vary_header_present
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17357
x-cluster-node
xenforo-f077e16b-765d7696cb-665zj
last-modified
Thu, 18 Nov 2021 06:07:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Host, Accept-Encoding
content-type
image/jpeg
expires
Fri, 18 Nov 2022 06:12:20 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d1337847edbb-CDG
cf-bgj
imgq:100,h2pri
1740454.jpg
www.kanyetothe.com/d3/avatars/m/1740/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/d3/avatars/m/1740/1740454.jpg?1637179910
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd49ea706e142f20fa2a651078111586b78378b51e065df592faee081e8d1c92
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
via
1.1 google
cf-cache-status
HIT
age
122574
cf-polished
status=not_needed
x-envoy-upstream-service-time
8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6081
x-cluster-node
xenforo-f077e16b-765d7696cb-4hdl5
last-modified
Wed, 17 Nov 2021 20:11:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Host, Accept-Encoding
content-type
image/jpeg
expires
Thu, 17 Nov 2022 21:42:13 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d1337849edbb-CDG
cf-bgj
imgq:100,h2pri
1738115.jpg
www.kanyetothe.com/d3/avatars/m/1738/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/d3/avatars/m/1738/1738115.jpg?1635362890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb5a7d0fb41f6032f441a792ec289d11f738db3207639769e8467d0b9b9ae012
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
via
1.1 google
cf-cache-status
HIT
age
205380
cf-polished
origSize=9750, status=vary_header_present
x-envoy-upstream-service-time
5
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7982
x-cluster-node
xenforo-f077e16b-765d7696cb-ksrdk
last-modified
Wed, 27 Oct 2021 19:28:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Host, Accept-Encoding
content-type
image/jpeg
expires
Wed, 16 Nov 2022 22:42:07 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d133784cedbb-CDG
cf-bgj
imgq:100,h2pri
1740316.jpg
www.kanyetothe.com/d3/avatars/m/1740/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/d3/avatars/m/1740/1740316.jpg?1636701751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
899f228abbb3b07f17a80141b8494498b6565a037b41df371ad8c1150e78d5ef
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
via
1.1 google
cf-cache-status
HIT
age
154209
cf-polished
origSize=2056, status=vary_header_present
x-envoy-upstream-service-time
4
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1625
x-cluster-node
xenforo-f077e16b-765d7696cb-s4m2g
last-modified
Fri, 12 Nov 2021 07:22:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Host, Accept-Encoding
content-type
image/jpeg
expires
Thu, 17 Nov 2022 12:54:58 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d133784dedbb-CDG
cf-bgj
imgq:100,h2pri
1740415.jpg
www.kanyetothe.com/d3/avatars/m/1740/ 		628 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/d3/avatars/m/1740/1740415.jpg?1637056591
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6557e951d16294bdd96f0bef6e24d1b2427da90d76c22f7af236688a43c47ca1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
via
1.1 google
cf-cache-status
HIT
age
247239
cf-polished
origSize=1275, status=vary_header_present
x-envoy-upstream-service-time
4
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
628
x-cluster-node
xenforo-3d5746c5-db9dfc-8xpsl
last-modified
Tue, 16 Nov 2021 09:56:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Host, Accept-Encoding
content-type
image/jpeg
expires
Wed, 16 Nov 2022 11:04:28 GMT
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6b07d133784eedbb-CDG
cf-bgj
imgq:100,h2pri
discussion-icon-black.svg
www.kanyetothe.com/styles/default/California/ 		558 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/styles/default/California/discussion-icon-black.svg
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/css.php?css=public%3Afeed_item.less&cali-viewmode=card&s=9&d=1637076959
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01df2df3715d6d8087abea2a4285154ff55020c1b836a60d21b378b03c7000c9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/css.php?css=public%3Afeed_item.less&cali-viewmode=card&s=9&d=1637076959
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
via
1.1 google
cf-cache-status
HIT
age
5720682
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-21388f8f-776cdbc5fd-v9p6v
last-modified
Tue, 07 Sep 2021 19:35:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d133784fedbb-CDG
expires
Wed, 14 Sep 2022 02:40:25 GMT
/
www.kanyetothe.com/cdn-cgi/image/format=auto,onerror=redirect,width=750,height=750,fit=scale-down/https://kanyetothe.com/attachments/download-2021-11-18t180618-497-jpeg.1336/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/cdn-cgi/image/format=auto,onerror=redirect,width=750,height=750,fit=scale-down/https://kanyetothe.com/attachments/download-2021-11-18t180618-497-jpeg.1336/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5082a4d95b5c30486402d98508fb00d52ee5b6cf013e5f23695c32c2135522a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9086
last-modified
Thu, 18 Nov 2021 21:43:33 GMT
server
cloudflare
etag
"cf36_nECViG3S-LKCY9Q3Mhg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
public, max-age=31536000
cf-resized
internal=ok/h q=0 n=208 c=198 v=2021.11.7 l=9086
accept-ranges
bytes
cf-ray
6b07d1337851edbb-CDG
cf-bgj
imgq:85,h2pri
/
www.kanyetothe.com/cdn-cgi/image/format=auto,onerror=redirect,width=750,height=750,fit=scale-down/https://kanyetothe.com/attachments/omah-lay-%E2%80%93-free-my-mind-jpg.1335/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/cdn-cgi/image/format=auto,onerror=redirect,width=750,height=750,fit=scale-down/https://kanyetothe.com/attachments/omah-lay-%E2%80%93-free-my-mind-jpg.1335/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1778f6c6f3c9657a16e4ef6d8dcd1cb770b786593c6e3a4428809e46d0e19d3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
27145
last-modified
Thu, 18 Nov 2021 21:43:33 GMT
server
cloudflare
etag
"cfS9NVp-ky8ShIp7XIhJTOqA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
public, max-age=31536000
cf-resized
internal=ok/h q=0 n=200 c=712 v=2021.11.7 l=27145
accept-ranges
bytes
cf-ray
6b07d1337853edbb-CDG
cf-bgj
imgq:85,h2pri
/
www.kanyetothe.com/cdn-cgi/image/format=auto,onerror=redirect,width=750,height=750,fit=scale-down/https://kanyetothe.com/attachments/fave-baby-riddim-jpg.1334/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/cdn-cgi/image/format=auto,onerror=redirect,width=750,height=750,fit=scale-down/https://kanyetothe.com/attachments/fave-baby-riddim-jpg.1334/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb563d99f1c1e7fe0ab9dd784ad104d6f44076c095323c16b3f49cff63a6af3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23457
last-modified
Thu, 18 Nov 2021 21:43:33 GMT
server
cloudflare
etag
"cfPH9N1_U2_WeZoWM1uwJJxg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
public, max-age=31536000
cf-resized
internal=ok/h q=0 n=236 c=673 v=2021.11.7 l=23457
accept-ranges
bytes
cf-ray
6b07d1337856edbb-CDG
cf-bgj
imgq:85,h2pri
/
www.kanyetothe.com/cdn-cgi/image/format=auto,onerror=redirect,width=750,height=750,fit=scale-down/https://kanyetothe.com/attachments/img_20211118_183355-jpg.1333/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/cdn-cgi/image/format=auto,onerror=redirect,width=750,height=750,fit=scale-down/https://kanyetothe.com/attachments/img_20211118_183355-jpg.1333/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
059eecfaad94a32206bf7457c93aca281aa854772fdc62eafebb733acdf6f8ab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24808
last-modified
Thu, 18 Nov 2021 19:06:14 GMT
server
cloudflare
etag
"cfw044l_9SnUQBuP_X6FYZiQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
public, max-age=31536000
cf-resized
internal=ok/h q=0 n=212 c=1431 v=2021.11.7 l=24808
accept-ranges
bytes
cf-ray
6b07d1337858edbb-CDG
cf-bgj
imgq:85,h2pri
/
www.kanyetothe.com/cdn-cgi/image/format=auto,onerror=redirect,width=750,height=750,fit=scale-down/https://kanyetothe.com/attachments/2fd2dd23-39ff-4b1e-aecd-75afb91dbfff-jpeg.1331/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/cdn-cgi/image/format=auto,onerror=redirect,width=750,height=750,fit=scale-down/https://kanyetothe.com/attachments/2fd2dd23-39ff-4b1e-aecd-75afb91dbfff-jpeg.1331/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cdf3fa638c54700b4aa42b6614d45dcef03cdc313f81649e0ae07ef98fda7a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
27478
last-modified
Wed, 17 Nov 2021 14:35:38 GMT
server
cloudflare
etag
"cf4ILHi2vpy2d3Q3wQ4kn0Kw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
public, max-age=31536000
cf-resized
internal=ok/h q=0 n=224 c=1576 v=2021.11.6 l=27478
accept-ranges
bytes
cf-ray
6b07d1337859edbb-CDG
cf-bgj
imgq:85,h2pri
/
www.kanyetothe.com/cdn-cgi/image/format=auto,onerror=redirect,width=750,height=750,fit=scale-down/https://kanyetothe.com/attachments/untitled-15-png.1330/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/cdn-cgi/image/format=auto,onerror=redirect,width=750,height=750,fit=scale-down/https://kanyetothe.com/attachments/untitled-15-png.1330/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e50e56cd4575464a5ec96bfd872ac475479aeaef8f2278116799e4f00a983af9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
27685
last-modified
Tue, 16 Nov 2021 22:42:07 GMT
server
cloudflare
etag
"cfWXmab8EgegzesOeLqKZcDw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
public, max-age=31536000
cf-resized
internal=ok/h q=0 n=219 c=394 v=2021.11.6 l=27685
accept-ranges
bytes
cf-ray
6b07d133785bedbb-CDG
cf-bgj
imgq:85,h2pri
/
www.kanyetothe.com/cdn-cgi/image/format=auto,onerror=redirect,width=750,height=750,fit=scale-down/https://kanyetothe.com/attachments/5f0849e6-5edd-46b3-983b-d3c7eb2176c4-jpeg.1328/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/cdn-cgi/image/format=auto,onerror=redirect,width=750,height=750,fit=scale-down/https://kanyetothe.com/attachments/5f0849e6-5edd-46b3-983b-d3c7eb2176c4-jpeg.1328/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bbbe53af902aa5961a449200a09790e89b64560fd2a4d89f2d6c80f76076d16
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
44024
last-modified
Tue, 16 Nov 2021 11:04:29 GMT
server
cloudflare
etag
"cfOcBVL1oX1SxSZr759-PHeA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
public, max-age=31536000
cf-resized
internal=ok/h q=0 n=206 c=2569 v=2021.11.6 l=44024
accept-ranges
bytes
cf-ray
6b07d133785eedbb-CDG
cf-bgj
imgq:85,h2pri
web-vitals.umd.js
unpkg.com/web-vitals@1.1.0/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@1.1.0/dist/web-vitals.umd.js
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/vs.kanyetothe.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
18170700
fly-request-id
01F3Y1J6XSQKCA2M5WV03J2E95
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"1060-9qPq4bqeRCeFWudNuS98Bp0PQDY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6b07d133fda10e22-MXP
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/vs.kanyetothe.com.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
d7bb934e518c87d758dd90505d1ed7c16de4f044fcd666156cde2050c10802c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1048 / 425 of 1000 / last-modified: 1637276723"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26822
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 19 Nov 2021 07:45:07 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
KuXuY5mbG6yln5YsEdf9JaPJtFF6aIqm
content-encoding
gzip
etag
1e39d25f07f5619925357b752ab10d04
age
546
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0EGJQZZ3YJM9PE18CH6P
date
Fri, 19 Nov 2021 07:36:01 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
JD8AIi4rNnz0z2eD_GtF1DEBCWZkpJCuTtIqpXXr01BN8l9UNzjMXw==
sync
c.deployads.com/ 		2 B
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.deployads.com/sync?u=https%3A%2F%2Fwww.kanyetothe.com%2F&s=vs.kanyetothe.com&g=1&cc=0&cs=&client_build=3555
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/vs.kanyetothe.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.228.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-228-32.eu-west-1.compute.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:07 GMT
server
SortableCactus/1.0
content-type
application/json
access-control-allow-origin
https://www.kanyetothe.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
2
prebid
prebid.media.net/rtb/ 		330 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUP91F1X
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
346b9507de02d8a47b7f0851470e72fbe1653fa7cb932b613255a7c0ea0db94b

Request headers

Referer
https://www.kanyetothe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:07 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.kanyetothe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
fastlane.json
fastlane.rubiconproject.com/a/api/ 		281 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=1019&site_id=28398&zone_id=114572&size_id=15&p_pos=atf&gdpr=1&rf=https%3A%2F%2Fwww.kanyetothe.com%2F&tk_flint=pbjs_lite_v5.6.0_custom&x_source.tid=9d79b39f-d241-4ed5-8e75-eea887ab23d4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.21955641384839386
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
fd593969bd918c47be019a17a90002d89e8214ffeafeb671e92313f80e1beaa3

Request headers

Referer
https://www.kanyetothe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:07 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.kanyetothe.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
281
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		280 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=1019&site_id=28398&zone_id=114574&size_id=2&p_pos=btf&gdpr=1&rf=https%3A%2F%2Fwww.kanyetothe.com%2F&tk_flint=pbjs_lite_v5.6.0_custom&x_source.tid=85223d96-89a5-437c-9c79-eee94027e699&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.32287974914675766
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
9eb3bb24e4a85256db7624956cf43c0c9f190d143f093882c4cdafb5828333f8

Request headers

Referer
https://www.kanyetothe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:07 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.kanyetothe.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
280
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		301 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=1019&site_id=28398&zone_id=114574&size_id=15&alt_size_ids=10&p_pos=btf&gdpr=1&rf=https%3A%2F%2Fwww.kanyetothe.com%2F&tk_flint=pbjs_lite_v5.6.0_custom&x_source.tid=bcc5c38c-6b60-4f45-b21c-4dac7ca96437&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2911360413331123
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
4a64a692e546b1e98b30c887c6c44c9e7167bdd6231d4dd7dd21ccd6c8d6b963

Request headers

Referer
https://www.kanyetothe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:07 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.kanyetothe.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
301
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ 		93 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.6.0_custom
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
0fe1bc8affa1b1a1c435e3d8bda11480182cfebae9436b33693e0e7d10001c5f

Request headers

Referer
https://www.kanyetothe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 19 Nov 2021 07:45:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.kanyetothe.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
prebid
ib.adnxs-simple.com/ut/v3/ 		21 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.133 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
545.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
358657e2af5ce8c78aaa8b49611acfa2185df2e01d1d8cdc875419840738a679
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.kanyetothe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 19 Nov 2021 07:45:07 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.232.23.185; 185.232.23.185; 545.bm-nginx-loadbalancer.mgmt.lax1; adnxs-simple.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8f079f4f-3886-4731-a028-bc7d90af234f
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.kanyetothe.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=190322&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22193482fb8ff6af2%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kanyetothe.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%225.6.0_custom%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2220fe20c92593fd6%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22190322%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2221393fe4c012515%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22190319%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22223bf67df9d2673%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22190325%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%222313a45822db80e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22190318%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ae4506885a44439edcd8f294fba591293f1d8b35fb5098f5689f27340a6d701

Request headers

Referer
https://www.kanyetothe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:07 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[185.232.23.185], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.kanyetothe.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Fri, 19 Nov 2021 07:45:07 GMT
auction
c.deployads.com/openrtb2/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.deployads.com/openrtb2/auction?src=prebid_prebid_5.6.0_custom&host=www.kanyetothe.com
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.228.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-228-32.eu-west-1.compute.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
1a7bb71a9a644dd97cca807b2d21ebdb388030155615eb9f04d20b59ad589ead

Request headers

Referer
https://www.kanyetothe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:07 GMT
server
SortableCactus/1.0
content-type
application/json
access-control-allow-origin
https://www.kanyetothe.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
7455
translator
hbopenbid.pubmatic.com/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kanyetothe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.kanyetothe.com
date
Fri, 19 Nov 2021 07:45:07 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
config
c.amazon-adsystem.com/cdn/prod/ 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.kanyetothe.com&pubid=82ced0ff-f996-4780-a317-3a867a4dc64d
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 05:51:43 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
server
Server
age
6803
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.kanyetothe.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
5TWMdvrOmB3HMmlpA9ipDL2LiiMnevyUBUWz-Sk7BrsY7lwb4bznUg==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.kanyetothe.com%2F&pid=fpO6izrYYqMuO&cb=0&ws=1600x1200&v=7.71.1&t=2500&slots=%5B%7B%22sd%22%3A%22RightRail_Top%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1030735%2FKanyeToThe_com%2FRightRail_Top%22%7D%2C%7B%22sd%22%3A%22RightRail_Bottom_Adhesion%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F1030735%2FKanyeToThe_com%2FRightRail_Bottom_Adhesion%22%7D%2C%7B%22sd%22%3A%22Desktop_Adhesion%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1030735%2Fkanyetothe_com%2FDesktop_Adhesion%22%7D%5D&schain=1.0%2C1!sortable.com%2C196%2C1%2C%2C%2C&pubid=82ced0ff-f996-4780-a317-3a867a4dc64d&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
74CBJSM465PMJDEVGQBR
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.kanyetothe.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
YAdVVNgpsSFkStF8r3TJQ-9DcK8Vtwy2GiVjXMceQEirjs_8_uHl5g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Tue, 09 Nov 2021 22:55:20 GMT
server
AmazonS3
date
Fri, 19 Nov 2021 07:45:07 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-id
-Z0VOPDPskN7IEI-JGxqJ7k6uUOOfrOlO87NqiGkdjT_LYzi2oF8Zw==
facebook2019.svg
www.kanyetothe.com/styles/default/California/ 		376 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kanyetothe.com/styles/default/California/facebook2019.svg
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/css.php?css=public%3Acalifornia_login.less&cali-viewmode=card&s=9&d=1637076959
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.69.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35b144c01dcc6eb3e7ebe739e407cf0ce0f4f2809911fff004a146e2e441a838
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/css.php?css=public%3Acalifornia_login.less&cali-viewmode=card&s=9&d=1637076959
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
via
1.1 google
cf-cache-status
HIT
age
5720684
x-envoy-upstream-service-time
2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-cluster-node
xenforo-21388f8f-776cdbc5fd-l9r9x
last-modified
Tue, 07 Sep 2021 19:35:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
upgrade-insecure-requests
cf-ray
6b07d13489dcedbb-CDG
expires
Wed, 14 Sep 2022 02:40:23 GMT
vs.kanyetothe.com
e.deployads.com/e/ 		2 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/vs.kanyetothe.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/vs.kanyetothe.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.196.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-196-50.eu-west-1.compute.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.kanyetothe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 19 Nov 2021 07:45:07 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.kanyetothe.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 07:45:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.kanyetothe.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 07:45:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2667603799827808&correlator=1036756048303670&output=ldjh&impl=fifs&eid=31061815&vrg=2021111501&ptt=17&gdpr=1&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211119&iu_parts=1030735%2Ckanyetothe_com%2CRightRail_Vendor&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x95&prev_scp=Position%3DVendor%26AdSlot%3DRightRail_Vendor%26srt_sdbg%3D5&eri=5&cust_params=sitename%3Dkanyetothe.com%26template%3Dcalifornia_index_view%26group_id%3D1%26group_name%3DUnregistered%2520%252F%2520Unconfirmed%26registered%3Dfalse%26make%3D%26model%3D%26vertical%3DCOL&cookie_enabled=1&bc=31&abxe=1&dt=1637307907383&dlt=1637307906232&idt=459&frm=20&biw=1600&bih=1200&oid=2&adxs=1280&adys=1254&adks=871818554&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kanyetothe.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x2249&msz=300x95&ga_vid=133400659.1637307907&ga_sid=1637307907&ga_hid=1588507900&ga_fc=true&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
c5bb52cec291e05e9e856379640dab19b23fd6c8f7ed054b2315a2feef7d232e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11763
x-xss-protection
0
google-lineitem-id
5826215690
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138370164496
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kanyetothe.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd9e236fae5de17b46ffae2bb0c19548862243baeab16aa2841c890473756cdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 07:45:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9272
x-xss-protection
0
container.html
b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9283 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 19 Nov 2021 07:45:07 GMT
expires
Sat, 19 Nov 2022 07:45:07 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 19 Nov 2021 07:45:09 GMT
vs.kanyetothe.com
e.deployads.com/e/ 		2 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/vs.kanyetothe.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/vs.kanyetothe.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.196.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-196-50.eu-west-1.compute.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.kanyetothe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 19 Nov 2021 07:45:07 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame E032 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQq6lSY0XPhJQ_2up9kHLpEawISDZauuR1ZJj7A2Igz-2kgC8Awed94IyO-2o6BIpkdd6N5uSc-9Rb9AqOeD7BwC3ySdpp3L2FXAGZm-oR3w90ITYp6x9DPVbUeeO77tYTxRoyDhuJ2YbFPKCVWMkvSqD1aXuhmRVnWTcIizLgDb-Aa3qzSy8YBBHADAoC_ARVRcKJJG4VO8qFerx38lTChEtEpZBWCClWLIzWIIjVDnxBzQT-9Xy3AmesmeuTIwuGnIQLxX9JE2bPawFbsZjDT5L74QDAqeA5_Z_GF4T-DsLPB4Ln-UN4ovbNuUv4hqI6mSc86l-XFikG4KfA&sai=AMfl-YTW7xOwuV-nKWMxKCnCl73pReJ6tclnZbC58fvPfwlHJD20uqzFuB7sECGlZU5qkN00A_5mT_zZKQanslbB-V89JwsLr6x7Uj05kHvoEqgA8AqW9ezadtR5ssbRjS0&sig=Cg0ArKJSzPViQZvXWNVNEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
x-content-type-options
nosniff
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/gif
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
cache-control
private
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 19 Nov 2021 07:45:07 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame E032 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:36:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
524
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 07:36:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E032 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Nov 2021 07:45:07 GMT
1255978639413597100
tpc.googlesyndication.com/simgad/ Frame E032 		242 KB
243 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1255978639413597100
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
915a80e949c160f477cf0180e73866a566fb5321d28c337aeb3ca8f87bb2dabd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 15:40:02 GMT
x-content-type-options
nosniff
age
144305
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248004
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 18:12:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 17 Nov 2022 15:40:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E032 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulB9lb6MWM2PyfUiAy4OEebY6dNpNqKCDCoDq2yGpfLzdGdGe7rPk4TOjVWD4Xdx5D3M1oM2SrAvlXHxa2moGHc4YWWCY1h2D1LVeYO53ej4Y0jS__X21zThUaThXsG8f6x-16l5nCLR2rmK_VyvdCxXCasqCpgSc4RyneaTwu9EChPSFdOMig1S7mHKSBxXFIGGZS4ZJlMFZeNa8zCbcbtB0xNY9LN4Di-3NVWEMKtGvr1BMJa8cQM70EBmo4wrr2iTWKIkltd1wIEruNgzqxzVF8rSVIa2HPDpAUjVKfUwkfWONEbtaUKn2G091ACtIcg1BhsoQLyOWWqZgyBN0&sai=AMfl-YSsGgq9loCXNa3YZ1_IHts126cXKnC6tgARSV2btKDWVECkqJZm3YVqO_kBZDvDrKXDve7VhDj0Kg9P2cDbTU0WogFqSCgeRf3imTc6CUt4gIADg_D22ZggSyRhgzI&sig=Cg0ArKJSzLpYC6SCY1iCEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:07 GMT
x-content-type-options
nosniff
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/gif
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
cache-control
private
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 19 Nov 2021 07:45:07 GMT
truncated
/ Frame E032 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee691d6c4f672292e495cd965cec9fa5eb6abdc0a841d79c2629a4a297b64908

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
vs.kanyetothe.com
e.deployads.com/e/ 		2 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/vs.kanyetothe.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/vs.kanyetothe.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.196.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-196-50.eu-west-1.compute.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.kanyetothe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 19 Nov 2021 07:45:07 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.kanyetothe.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 07:45:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.kanyetothe.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 07:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		140 KB
49 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2667603799827808&correlator=3101267325097788&output=ldjh&impl=fifs&eid=31061815&vrg=2021111501&ptt=17&gdpr=1&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211119&iu_parts=1030735%2Ckanyetothe_com%2CRightRail_Top%2CRightRail_Bottom_Adhesion%2CDesktop_Adhesion&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4&prev_iu_szs=300x250%2C300x250%7C300x600%7C300x900%2C728x90&prev_scp=Position%3DATF%26AdSlot%3DRightRail_Top%26amznbid%3D2%26amznp%3D2%26s%3D0%26v%3D3%26srt_u%3Dav%26srt_sdbg%3D1%26srt_st%3D8%7CPosition%3DBTF%2CAdhesion%26AdSlot%3DRightRail_Bottom_Adhesion%26amznbid%3D2%26amznp%3D2%26s%3D0%26v%3D0%2C4%26srt_u%3Dfq%26srt_sdbg%3D1%26srt_st%3D8%7CPosition%3DATF%2CAdhesion%26AdSlot%3DDesktop_Adhesion%26amznbid%3D2%26amznp%3D2%26s%3D0%26v%3D3%2C4%26srt_u%3Dci%26srt_sdbg%3D1%26srt_st%3D8&eri=5&cust_params=sitename%3Dkanyetothe.com%26template%3Dcalifornia_index_view%26group_id%3D1%26group_name%3DUnregistered%2520%252F%2520Unconfirmed%26registered%3Dfalse%26make%3D%26model%3D%26vertical%3DCOL&cookie=ID%3D03ea7eeb16976861-2294d1cae0cb00f2%3AT%3D1637307907%3AS%3DALNI_MZhPpXb31nX9QycU5vHiNQ29r8mxQ&bc=31&abxe=1&dt=1637307907927&dlt=1637307906232&idt=459&frm=20&biw=1600&bih=1200&oid=2&adxs=1280%2C1280%2C436&adys=599%2C1875%2C1200&adks=1851707883%2C381910727%2C4249682862&ucis=2%7C3%7C4&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kanyetothe.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x2249%7C300x609%7C728x-1&msz=300x250%7C300x600%7C728x-1&psts=AGkb-H-Mmw2LE-Vnfce4eFXcyse9yP6cJ0etYLJOJHhnd2FZx9hn9zEm9mX-tIXvlPjxKfpWw1SGz3S_SQMsmeyq&ga_vid=133400659.1637307907&ga_sid=1637307907&ga_hid=1588507900&ga_fc=true&fws=4%2C516%2C516&ohw=1600%2C1600%2C1600&btvi=0%7C2%7C3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
fd4291255a512855bbfcde26ded1411a799dfe6471de922bdb122ccf598fb177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49651
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.kanyetothe.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
vs.kanyetothe.com
e.deployads.com/e/ 		2 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/vs.kanyetothe.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/vs.kanyetothe.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.196.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-196-50.eu-west-1.compute.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.kanyetothe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 19 Nov 2021 07:45:08 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
container.html
b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6522 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 19 Nov 2021 07:45:07 GMT
expires
Sat, 19 Nov 2022 07:45:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D79B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 19 Nov 2021 07:45:07 GMT
expires
Sat, 19 Nov 2022 07:45:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8DB7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 19 Nov 2021 07:45:07 GMT
expires
Sat, 19 Nov 2022 07:45:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
vs.kanyetothe.com
e.deployads.com/e/ 		2 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/vs.kanyetothe.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/vs.kanyetothe.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.196.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-196-50.eu-west-1.compute.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.kanyetothe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 19 Nov 2021 07:45:08 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
pixel
googleads.g.doubleclick.net/xbbe/ Frame B192 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQu8O83QIYlsX8uQEwAQ&v=APEucNUe8ly14wBTIZ6RpsK7EAyHEn8n2GTnuLZWYnqlfN-sBmPQdBpUxvWQZofxTCJfGZYdcfr0kKX4aaYsOA6v9l3Jg2tBlj9_KrcYZRsHpULbmddwdLvIiwNS4IyG0vU1yiLrSTmxRAjXvNoZ1Dbaz-rsaRAy5v67vE7B-MGlNdaVfI5SRS6PS3gdPSrvAj9HEV2VSAt86KSj47Du7RkwMjBzHTdh6Q
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 19 Nov 2021 07:45:08 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 6522 		82 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DD2ejY6kxJHEMSUhq3m4fRbubEgzBDILD9FVvZSVomQfKXsUh4880xis85u_IupfizNIEgrhiKcGqgMSIPnutxQt063PFlTVRqWp2OkvLiRBrMVPaac9n1sR473xXTST4PsiW7Ejy3Zoyj3lID_GgjJvYcVA&dbm_d=AKAmf-CU0rfsGkfp_6JLngIj03IZjEdfNJ6hH4Ty0cuohpDlQnI0PJi3Ah_8eNCch2YB-YYQkvjwbKhWU5n7Wfq2xFiuevH0-LsQUpzSNhdj6iHVPvc0zSVcl9GT_WqBbkcq797IKJwbrQqlV1Z94vg7tE_lbD3fu52_gkQZG559vVoqARdEGdINgT0ZcOznXRKAe9U5PDDQhkEZMS1skLBcz0WJlLwUac-GwbbEzMSyp7Al7dRGsOY5ENgEnafXYsbiOMVUWeMKFGRQQCj8HH03YSirNCnSq5TTtAhnfUZZodnQsX5jXReLDcV-wM8Rvbm9pSwUq2wZgWrcTiJKI7W7FwyGP2N_jexrxvNVjWSEFnITCaJg25W5h_oqOsFVWZqWjLj5Br5izQxrBI1Jb2pJU98WP1wJ1Zqr4gtc0-MkfRLmsye04cmtFcDAtprVODnt9w1fJHgGHhcQnZqR1Y5igAUSFio6dSJ6YpIQ_OFwj2rghiaEuG-5712cuXOwho8BccD874dQcUgbFQgYC2ciK2qQxas2uIYHii1N7snQf496XNR9td-vbOPvfynsF_D5NqiV1Rtb7KadTxsCiYuQknHcoG3oOA1mUFJ1z0RHZ07q-4-S20kHpRJfzkr2eEDh4tpx1ttS8L3I9Jk11PEsUyYkRTGyMpXJySLEXEFUgXdVqJIBRIAwEiKdiSvY0Li7G7h5SqheP6gQlvMpF-itSHD0MKUte2OkoHU3hUMDJzF2X6OE18vkPvT4yRH5abwesw3kjoUyR_XnQi1f_np6zNH2v9G0AQUOYXJmPdiBxEDQe-GKoprpSZjIqDwNgrqqafbyHVShrqNlhkU9fAxE3upXMNz_oNut3xj_Qx6KueUpLOJ4IFnSWbPs8lOj3FYwZaVTp5D1JgS0Og5aPF4KCv7z7ugyotQAlb2je1Kvl7meYJuFS7idnN-18nQGaXgRA8DkYAVWWgBCGl_q9Xy_KFYMP-XPuuBAxeobYteAA0qUrra3CW6LepOpCY62LpxsVmYj6uoCjxtXykCPhuKXCTYAdMwDG9XS_HHh8jxCxasnIzuz9fdRMkv7wyT8-M0cz1OI_p60KssYklHfnprFuJbFrYS45YgbMfmS3jwpeca99lcbcLj01iYawpT2k1L0SZnA66qxbqkt_yCLPko6u4kZQhZD2YuoT2pUBPudup6JWJ8XkTZ6-aLkL4g0x9--NNsMdA74vuOqm4Hr7daprxacGwwyQIGXtKYahIP4MYBQSVZho7w9I1Ux9wzR025B6E8IfCAPzNDVfUiXc5OTVEWDhbSJqHtdEXkfxXda1Ipd0oiEjJUuZcqGNoHhgSiyJP_KpRsF9MFluxAnu7D7RdTqIkSNlChCBoMAJBWcMRPlIMw4BxGwkMrcCA0vtLZ8i3sKeMLxuMvZb3xnUd_f8kJgUmOMhQGmT5JjvZxatWazIZwm1DhHnSuk0f9FFnPYU3BO6rgjuNi6pWmo5LVSiI3rrta1ms0z4EfzSTb6sFeTj-u4S1UbGH-wexLG8XDC65GSaYPUBU3iDm29orLNTpytJFFMw_9AdglVPLm9rh2VFv24NjPcH1ZrD4PXZ0lDBIU04x2lueZITx0Hb_zdvuQ9j8BZ0x-F6P3cuhi0lwrEmK55JTlAe3U-ws27D99YITqkLFtf-o78Vh_apRJzG5Kk3sUU3KmjmrcJFzB8dpzX0WfoF9dfYdXsSEOMiyBgtZIln9tam9mz8U09bqningJWBgEGan5iTrZ8GZh4d8_Ql5di30SMO2d9MvkPcGLM-FzPdYO5invou-uQK6fYR2pago6MjQlAQh6PvGhQojsaq8twgdU53n0MzSimpVQ1CV9KeO32KxrNxdzqIxT1dQmApq76pmijZaM5YvUgBb3kO51FWWzevrU2HWXQLN9PO1v9v0MdewJz-dI7HRTZq8QeQJfTP662q-duE51utHDj_luC16D0LW8ZPd3JaLKKWzbdhPSE0lsYUzeXzVDngB58wpbMbFjdN9NyG9pyyhzxwWhETsfGGbyuNE1twhQWgCJTr8y0tVQtRRLjJd6PLESkjfx8YdHzYzdp6J4-7dyBdD5mpJtUoeuVhEfw2QnhSq7vH79D7xIm_3udN2zLRa6EvX4ygg0rgu4vHxN_lUlAXCxnIGCq9qrI_DTC23gvM5ULN5cALTu69JtTgPeb1M0jCDnWy6hFWSI0CJP2mRP4IR5ZDk6V8uIwxtldtfldtAQPU0RKOKHgIfqZrXm44yIWr0WI8cwuo-OTZbP4FLh2qI5xsSixiUqEIDdZqBhTIXW9ACtDlgBy-f5iyzX8lzZVfAlAXQPArhsZXQ9nMVX-xMnGM1r1oJ3dvhYsEReqKNuVdkHUS42t5BZGbgSOQ5UGuul2awL7AEHEJroJrhwR_hZAGJDI2eTV-bwYyxaGNrLAxXaG_qLhFZCh1VdDdiJCuk3B7juNamCUfoki0eIdkOPnS2U_qo8iUzNb14JrNiS6kF8hwqwU_SoB-sLpfyWxVcHPZXSPe1__sKfheLN6oJf03LdO0t0STd0NAJGTY7L-b5YmPr4ME2aWgyNJX-MU6oBmSMUkvbSfcz0UVyIfEkWFyuKaknzN-QEF7kyAzHa4Y04tGjLZQ9MvzHEP0Z26egfwunfjj6GSM1c9vZxiiVT3XHb1vVVwq-ifHX_dJPn-2On6KS6nHWgt2OoS1-gNDSq5qW-juii1g0BnhSCp--poQDodkwsdQwoJFG5GdqfldQx8vWs4clqZD0SpvgPPYDukxSvbppoz9NtvfkimXfhlazntOU6FFWt51P35c5SjSwsljQQqKW9Q7EMxZ1hTLPgxC_y9B78tvyKznmSS0qgBsfT4etp2Fo2q6W1kVWvENgZ20K8-8iFgli_Ux6QAzhEIYTXELrk7TCkbt458htc_55PKr3RVPiA4aKptMpMKx2YWNK7Qb6qrVdJddyLHp_EV1q8hv9d4WFbgOsJ9Y7rU1yjA_6v5QF9POFXXL7r6Xxz8294-QF7Y34Yx-1QXNr5_9g&cid=CAASEuRomuhOHNnnErAoul-uWYT9qg&rfl=1%2Chttps%253A%252F%252Fwww.kanyetothe.com%252F%240
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e78481ee4aeb94701d333adab4048228b18dff21d1b789a089728bc66ba556f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33389
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6522 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DwB6zQ5qbrE95OUgN0oFcGs0diBoQWTufvIj_X3Rjuec9ItgVe2F_yaep8kEeLIsgicOysfA0GFPPONLFbJb1gj-58S6bDV39l-GFVU4Ud6p6uGMw
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 6522 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:36:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
526
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 07:36:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6522 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Nov 2021 07:45:09 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 6522 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2557
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 07:02:32 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F2A8 		624 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQu8O83QIY5qz8uQEwAQ&v=APEucNXC5kyuFP_lPiyEyfkGexaCu9p3_DDBSMjqfyw6x6-E0dX37nLSx0hb4DQJgRHW6XB8ba1gyOh91Ttj5_dCTVz-FWb6nHVaVc_xMDLRKHG1T-31S9glzSAV3NYwdI7gh9zWc2YyE9rKFHxD-J2hvD0kuGrYP8opgFyjEpgn_nvyDKOsJgh0YbT5b3JA0U7cHyBv214JYnbge6PKr3lXZKy8rltQCQ
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 19 Nov 2021 07:45:08 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 8DB7 		82 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bd3GQTNYx8P0yxc7bdDQ1D86X7lIG0qaUnCs4XwCM7dpN_-qCSfnRAdREZzZky3_27mDehoBKEItXI2fXphMQx-GdE40ZEfL9CAyKMYOtu6G9elXqgB0PqPa2lpjAhmnkLZ6P9c5Ha5IsG0bB7zKvbhADJAg&dbm_d=AKAmf-CvRQYH7qxa3tmHem9RdPbIRPYT7qWqc-pHYC_8uGG78Q2q8eFKDIqBPVJOCi0XmB-ohDUJ8oXNlg8m8Pt26_QvsTENkq8IIsF2Zg1q3a3aZW6yihcNABKz7m0gLvd01t-DBcyHo0ypMwy3dV0xZrZ-ic3lfsnb9VgpeS43JBn1TCx0TZ3FemIikpP9ukix3kXh9FtNj94NYSrSdro7xp9HLGQHjXhrZLBhpAuAbtYgDecVaxrO7WbTpY7LfpnziyOUaPxYy53VHkiPYleI3tGvNVQz4bLTs55Swm_Niff8eT1sBLt3AErWJgy66ejqN0_cxz-YK5FxC6yB7OidWMR84UP8D15JjjnLXhHVrWMw0Ayzr40Cej7dk_QgxHZ0Rc26PgOTY-OtV3u0fbkBhprnSbsFfYcB_L7FZaqZcB21l-7v9N7p3VcPR_2AWfm4D__jsr-d_P8UR7DkMBPPIO314g__8dXrdQdtKap3mK7aVBdriQAvx6EbHB_ZfF7BOni9dZ6XBoy5ibVExE8nPODYj4BEV2_AkQNfcMXqXY-Hxhp8vtYhb-sgCYunV-VcDSqHYs50R1qjjgFxhwz1rw2E9tDVny1G1UcOsZU989j-uNvXt5B9PCmXy60xgVzwNpUp7D1Tlzfk9vrq5Tkf0Zp-OthGxiOSbILDLikUldqT3MJHBPqKK9Ojq_EhBpx5gSdRtSPWgklEs0sI41wid_cpXibwzGDJMtb20TRj5_kexXLLUXxeDrF4faKgJiXOmRqYa9ebVGCqW09XJtArolk2A7NS9GEAVwWj3ffA2n9crhHnx_UOGChZinlhglbXsLMT5Pblhq-pah8uqA4HBlAgFb02NVvgQyoPVNtuAtlvqxWeKLBlWBonh46l7MVGnqi58kYhnt8w4wxhvhETVk5LeX_V12ZSA2w2J_RMe5tk6ge4kVrc6m0vDPDb2VLxtIOu0D2ZWDBzuvjqjUpt3dDZRDpvurbiJgXPMOf0IU0Ho_QYW6nct9s587Ru_zZBEaeL9RkJA5lZSLWJlm_vwefla_okX8BV-sG-rw7HIA12YKlEyU0MxbCQey7-CbrVK39MsENnutc4j5oU5874hVPoCYk2IgjriLONYVLv-mPnB9UI56v_sg3XEA1wavi-jhTnSDWKTeyeav4DCBwB3ceGrsFYZP1d2t-AaEaNf3BB5zIjKLIZHHgXywEPhPNBF-bTPOr-he5zCrF6GbNNOuHwfDND73bDtyTARHXiDe2VsbM3PpSlSC622MpV3x-WBaK9kdk-dwtSe2VGln0IW16oOz3-Rz11qv1iAUpY_fn4lelPkaL9AQ9T9RTHk8Y0zH2sjZXtI5PpfZ3iIT59B-BgL2PPrOI39HE8943a-Vn9f7yf-NPLuptQpir6TEqa2t5D3HOa2oPhq4dunGQXJojCly4elAmoHRFeY9oK07hN7N5LVdrsZbsW7YM7DAfadebnUqWHFtJ8Sg1oAevvATHlP_HDRG1Ly66N36maVGXc7Iv5jS18pbrZrs79lVa_ZXXjsXU6ipLpNruNQx8hygH5GqiNUiZlJPr98fUi68JfB-mAIVA5o-2OxCZcXwrAxu24ymnkYUAKoCQ2_NGNKAsS9xnDoQlcSkJmCdUVtMa9nJTCSxVjBaUS6m7A5xvDKvAr9AnZvA9N12vpjPQgxngyn-oNx9JEElHDhE0WJEBX6P5EcXYdc_9Ht1Id0--q4Ddnu2o9QHXDhaFf2ovbnevfHesVraRjgvdU1OV1AVNFf07IhFWvvTpHMDBtmsu3a0qXVAg0Mgbrr7NS5pUAoEp_e5gqvyQKtL15J08Z11G5NMYDN1H-b7jwXhzadF3zYnyx-uYdbux6eil6uoh1PRj8JnOB9_n52UIoncNWbzjH4JagPbZ8UO-mDTeCVNaHhEmmPnAARm5v3GUZhKEt8XT_hOg9cRR_RL6UFH0s_aTCbU7kvJv1sbUOCGH2LD_rNq5_fAMh5ZGAKOq5KNaMjkVX2V1sM6DFn1n0n8eBDJmCyFYiSW3FvGajmo2EOWJJXdXt9lJDOFtBjVxVGMmul1ifrFvucmFCpyhbdmFQOgaMdygkBwisjWK7vl1CWldOG1vm1d-yOE97ZLzg5X8GeSLzGMNyXgyR6FmXIAakrNRn5uQdb1IzRmD_y-wo91QEdJ7xLBQ2lWnibT1yN7pCNtRbOL6JzOhFGnOUmEeV6PXglU4MZkx-pq-6ZgPZ7XdzG-bUTJIeq4_m98HSjaoU4vca3_jCeZD5YmYSpdMAYDwkVlk9Y-H3-D6VdS9w5PaS1s698a_cmNziRzMN7CmJ0ZK9hnn2oVUKhvB1H4hvs7yrdkwwDRk9o3uqBCS5GJXt4RP7AKHAlTnJl92fdlJQUeIS3AapGaEuBX9DnH-MdCkajTGahwLhJNbYwdqdLgvz8-20utzT5Qaj8qmGhwVuyIHNzDJQlKfy9cmeAa5DKUwmbDkMiMgrCdR6Ld2GhSsWoQvY6awFr-3QZ8-pbUYI_alozLNgOTTW2Z6XH59sGrIfRV8b9mz7-xGnnVgwWGLKkrZyp5Xczqq-jleeaSY_SUcumQ4wdzxq6HowDqAobECoY0fFZXqpAaCgJQVHru3tI1W8HoJMw8MpIGoKSHRrFEZaf66qXRyt76eKxls090-AGrXMWRl2knzEocK0DQDC4uQYJbcxbjVgg6brzojKm02CFOkM72BCfXYdkwG3WCXdp3ixAU8s8qyvsmcBVHKxPjqMBs2KZf8F1JpzKBtu21XArNR3rsM9mifQvqdSXzA8cjvESsy4ByY-m3f2Ahj2ubofElnaIlE8_oq8cV8PoParFOeOt5UK-8qOGravEaMKsMSl_2XSG6u9jfs74aHzPQwos3jA_a-fHjaXz7M1aPUWgCBYEuVl1BwLCw1f_GCyF-ooOFdYgnIGI3PM0Dp2PscFeqJHPjpuWgQjQH8ufLZYMIHjivkByty-whwVEsXb6k4S5ovPVP-JcKyI4t0oVuYpkzQOJV1QXB1svDAbptVJ1a_4Rg&cid=CAASEuRoKZrEhzGYYzJ34e3knDctxw&rfl=1%2Chttps%253A%252F%252Fwww.kanyetothe.com%252F%240
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4115d6a06c86ad61f3c407b8d61664a47dd8c0d5de076f0da1e0270c3efac8eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33438
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8DB7 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AXXn0SbyxH-5D2IhEwQOMVXvjzSaNHeN57ZGVlPiXuSP1tKy8upImekyHGgGU1w_vxeuMd6yAOJ9hAuu0B6vUdOtSwYFgH5ZBL-G37JbaFGLGscCU
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 8DB7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:36:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
526
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 07:36:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8DB7 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Nov 2021 07:45:09 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 8DB7 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2557
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 07:02:32 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D79B 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6732ef598323e03a0c430d90f45d0a63934d22b3fa51f6bddfb6955ce651162
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1416
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13085
x-xss-protection
0
server
cafe
etag
4948910059398625987
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 07:21:33 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame D79B 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 18:51:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132835
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Nov 2022 18:51:14 GMT
web_video.js
www.gstatic.com/admanager/outstream/ Frame D79B 		303 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/admanager/outstream/web_video.js
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
400e7a9f32b9d47c90e67bdab6d07c576845afd6a5f9bce0bfb8580350b7118d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/drx-mobile-serving
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105729
x-xss-protection
0
pragma
no-cache
last-modified
Thu, 14 Oct 2021 12:58:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="drx-mobile-serving"
vary
Accept-Encoding
report-to
{"group":"drx-mobile-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/drx-mobile-serving"}]}
content-type
text/javascript
cache-control
no-cache, must-revalidate
accept-ranges
bytes
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame D79B 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:23:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1295
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 07:23:34 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D79B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:36:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
526
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 07:36:23 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D79B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2557
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 07:02:32 GMT
rum
dsum-sec.casalemedia.com/ Frame F2A8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4IfBbkWza2v9-gSf7CnP0&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4IfBbkWza2v9-gSf7CnP0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQu8O83QIY5qz8uQEwAQ&v=APEucNXC5kyuFP_lPiyEyfkGexaCu9p3_DDBSMjqfyw6x6-E0dX37nLSx0hb4DQJgRHW6XB8ba1gyOh91Ttj5_dCTVz-FWb6nHVaVc_xMDLRKHG1T-31S9glzSAV3NYwdI7gh9zWc2YyE9rKFHxD-J2hvD0kuGrYP8opgFyjEpgn_nvyDKOsJgh0YbT5b3JA0U7cHyBv214JYnbge6PKr3lXZKy8rltQCQ
Protocol
HTTP/1.1
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 19 Nov 2021 07:45:08 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:08 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4IfBbkWza2v9-gSf7CnP0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F2A8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZdWBMrEyBjh8kfibjN54gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4IfBbkWza2v9-gSf7CnP0&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4IfBbkWza2v9-gSf7CnP0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQu8O83QIY5qz8uQEwAQ&v=APEucNXC5kyuFP_lPiyEyfkGexaCu9p3_DDBSMjqfyw6x6-E0dX37nLSx0hb4DQJgRHW6XB8ba1gyOh91Ttj5_dCTVz-FWb6nHVaVc_xMDLRKHG1T-31S9glzSAV3NYwdI7gh9zWc2YyE9rKFHxD-J2hvD0kuGrYP8opgFyjEpgn_nvyDKOsJgh0YbT5b3JA0U7cHyBv214JYnbge6PKr3lXZKy8rltQCQ
Protocol
HTTP/1.1
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 19 Nov 2021 07:45:08 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:08 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4IfBbkWza2v9-gSf7CnP0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame F2A8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELXVl1c_JmDit-CU_XP9gPg&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELXVl1c_JmDit-CU_XP9gPg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQu8O83QIY5qz8uQEwAQ&v=APEucNXC5kyuFP_lPiyEyfkGexaCu9p3_DDBSMjqfyw6x6-E0dX37nLSx0hb4DQJgRHW6XB8ba1gyOh91Ttj5_dCTVz-FWb6nHVaVc_xMDLRKHG1T-31S9glzSAV3NYwdI7gh9zWc2YyE9rKFHxD-J2hvD0kuGrYP8opgFyjEpgn_nvyDKOsJgh0YbT5b3JA0U7cHyBv214JYnbge6PKr3lXZKy8rltQCQ
Protocol
HTTP/1.1
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:08 GMT
X-Proxy-Origin
185.232.23.185; 185.232.23.185; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a75bfdd6-c84a-48b4-b021-bdae4aa60224
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:08 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELXVl1c_JmDit-CU_XP9gPg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F2A8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcyODk3OTQzODU3NTE4ODY0OA%3D%3D
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcyODk3OTQzODU3NTE4ODY0OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQu8O83QIY5qz8uQEwAQ&v=APEucNXC5kyuFP_lPiyEyfkGexaCu9p3_DDBSMjqfyw6x6-E0dX37nLSx0hb4DQJgRHW6XB8ba1gyOh91Ttj5_dCTVz-FWb6nHVaVc_xMDLRKHG1T-31S9glzSAV3NYwdI7gh9zWc2YyE9rKFHxD-J2hvD0kuGrYP8opgFyjEpgn_nvyDKOsJgh0YbT5b3JA0U7cHyBv214JYnbge6PKr3lXZKy8rltQCQ
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:08 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:08 GMT
X-Proxy-Origin
185.232.23.185; 185.232.23.185; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
801b7262-bd64-4bd3-9f9c-ded0927bab87
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcyODk3OTQzODU3NTE4ODY0OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B192
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4IfBbkWza2v9-gSf7CnP0&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4IfBbkWza2v9-gSf7CnP0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQu8O83QIYlsX8uQEwAQ&v=APEucNUe8ly14wBTIZ6RpsK7EAyHEn8n2GTnuLZWYnqlfN-sBmPQdBpUxvWQZofxTCJfGZYdcfr0kKX4aaYsOA6v9l3Jg2tBlj9_KrcYZRsHpULbmddwdLvIiwNS4IyG0vU1yiLrSTmxRAjXvNoZ1Dbaz-rsaRAy5v67vE7B-MGlNdaVfI5SRS6PS3gdPSrvAj9HEV2VSAt86KSj47Du7RkwMjBzHTdh6Q
Protocol
HTTP/1.1
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 19 Nov 2021 07:45:08 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:08 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4IfBbkWza2v9-gSf7CnP0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B192
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZdWBMrEyBjh8kfibjN54gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4IfBbkWza2v9-gSf7CnP0&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4IfBbkWza2v9-gSf7CnP0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQu8O83QIYlsX8uQEwAQ&v=APEucNUe8ly14wBTIZ6RpsK7EAyHEn8n2GTnuLZWYnqlfN-sBmPQdBpUxvWQZofxTCJfGZYdcfr0kKX4aaYsOA6v9l3Jg2tBlj9_KrcYZRsHpULbmddwdLvIiwNS4IyG0vU1yiLrSTmxRAjXvNoZ1Dbaz-rsaRAy5v67vE7B-MGlNdaVfI5SRS6PS3gdPSrvAj9HEV2VSAt86KSj47Du7RkwMjBzHTdh6Q
Protocol
HTTP/1.1
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 19 Nov 2021 07:45:08 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:08 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED4IfBbkWza2v9-gSf7CnP0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B192
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELXVl1c_JmDit-CU_XP9gPg&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELXVl1c_JmDit-CU_XP9gPg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQu8O83QIYlsX8uQEwAQ&v=APEucNUe8ly14wBTIZ6RpsK7EAyHEn8n2GTnuLZWYnqlfN-sBmPQdBpUxvWQZofxTCJfGZYdcfr0kKX4aaYsOA6v9l3Jg2tBlj9_KrcYZRsHpULbmddwdLvIiwNS4IyG0vU1yiLrSTmxRAjXvNoZ1Dbaz-rsaRAy5v67vE7B-MGlNdaVfI5SRS6PS3gdPSrvAj9HEV2VSAt86KSj47Du7RkwMjBzHTdh6Q
Protocol
HTTP/1.1
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:08 GMT
X-Proxy-Origin
185.232.23.185; 185.232.23.185; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8ed87e68-7ad6-4c8b-b801-292471324fb2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:08 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELXVl1c_JmDit-CU_XP9gPg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B192
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4NDA1MjMyODk0NjA0NDE5OQ%3D%3D
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4NDA1MjMyODk0NjA0NDE5OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQu8O83QIYlsX8uQEwAQ&v=APEucNUe8ly14wBTIZ6RpsK7EAyHEn8n2GTnuLZWYnqlfN-sBmPQdBpUxvWQZofxTCJfGZYdcfr0kKX4aaYsOA6v9l3Jg2tBlj9_KrcYZRsHpULbmddwdLvIiwNS4IyG0vU1yiLrSTmxRAjXvNoZ1Dbaz-rsaRAy5v67vE7B-MGlNdaVfI5SRS6PS3gdPSrvAj9HEV2VSAt86KSj47Du7RkwMjBzHTdh6Q
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:08 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:08 GMT
X-Proxy-Origin
185.232.23.185; 185.232.23.185; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
627b81ed-84fc-4f8d-98ae-098a0432c275
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4NDA1MjMyODk0NjA0NDE5OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/854720/58245028/ Frame 6522 		229 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/854720/58245028/skeleton.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.254.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-254-33.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
99fd6da0917428dbc23ef4b80e714d3f467c06999c2ec456267da49275bf6f9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:08 GMT
content-encoding
gzip
x-server-name
app09.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 6522 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
Origin
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 11:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74261
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Nov 2021 11:07:27 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 6522 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DD2ejY6kxJHEMSUhq3m4fRbubEgzBDILD9FVvZSVomQfKXsUh4880xis85u_IupfizNIEgrhiKcGqgMSIPnutxQt063PFlTVRqWp2OkvLiRBrMVPaac9n1sR473xXTST4PsiW7Ejy3Zoyj3lID_GgjJvYcVA&dbm_d=AKAmf-CU0rfsGkfp_6JLngIj03IZjEdfNJ6hH4Ty0cuohpDlQnI0PJi3Ah_8eNCch2YB-YYQkvjwbKhWU5n7Wfq2xFiuevH0-LsQUpzSNhdj6iHVPvc0zSVcl9GT_WqBbkcq797IKJwbrQqlV1Z94vg7tE_lbD3fu52_gkQZG559vVoqARdEGdINgT0ZcOznXRKAe9U5PDDQhkEZMS1skLBcz0WJlLwUac-GwbbEzMSyp7Al7dRGsOY5ENgEnafXYsbiOMVUWeMKFGRQQCj8HH03YSirNCnSq5TTtAhnfUZZodnQsX5jXReLDcV-wM8Rvbm9pSwUq2wZgWrcTiJKI7W7FwyGP2N_jexrxvNVjWSEFnITCaJg25W5h_oqOsFVWZqWjLj5Br5izQxrBI1Jb2pJU98WP1wJ1Zqr4gtc0-MkfRLmsye04cmtFcDAtprVODnt9w1fJHgGHhcQnZqR1Y5igAUSFio6dSJ6YpIQ_OFwj2rghiaEuG-5712cuXOwho8BccD874dQcUgbFQgYC2ciK2qQxas2uIYHii1N7snQf496XNR9td-vbOPvfynsF_D5NqiV1Rtb7KadTxsCiYuQknHcoG3oOA1mUFJ1z0RHZ07q-4-S20kHpRJfzkr2eEDh4tpx1ttS8L3I9Jk11PEsUyYkRTGyMpXJySLEXEFUgXdVqJIBRIAwEiKdiSvY0Li7G7h5SqheP6gQlvMpF-itSHD0MKUte2OkoHU3hUMDJzF2X6OE18vkPvT4yRH5abwesw3kjoUyR_XnQi1f_np6zNH2v9G0AQUOYXJmPdiBxEDQe-GKoprpSZjIqDwNgrqqafbyHVShrqNlhkU9fAxE3upXMNz_oNut3xj_Qx6KueUpLOJ4IFnSWbPs8lOj3FYwZaVTp5D1JgS0Og5aPF4KCv7z7ugyotQAlb2je1Kvl7meYJuFS7idnN-18nQGaXgRA8DkYAVWWgBCGl_q9Xy_KFYMP-XPuuBAxeobYteAA0qUrra3CW6LepOpCY62LpxsVmYj6uoCjxtXykCPhuKXCTYAdMwDG9XS_HHh8jxCxasnIzuz9fdRMkv7wyT8-M0cz1OI_p60KssYklHfnprFuJbFrYS45YgbMfmS3jwpeca99lcbcLj01iYawpT2k1L0SZnA66qxbqkt_yCLPko6u4kZQhZD2YuoT2pUBPudup6JWJ8XkTZ6-aLkL4g0x9--NNsMdA74vuOqm4Hr7daprxacGwwyQIGXtKYahIP4MYBQSVZho7w9I1Ux9wzR025B6E8IfCAPzNDVfUiXc5OTVEWDhbSJqHtdEXkfxXda1Ipd0oiEjJUuZcqGNoHhgSiyJP_KpRsF9MFluxAnu7D7RdTqIkSNlChCBoMAJBWcMRPlIMw4BxGwkMrcCA0vtLZ8i3sKeMLxuMvZb3xnUd_f8kJgUmOMhQGmT5JjvZxatWazIZwm1DhHnSuk0f9FFnPYU3BO6rgjuNi6pWmo5LVSiI3rrta1ms0z4EfzSTb6sFeTj-u4S1UbGH-wexLG8XDC65GSaYPUBU3iDm29orLNTpytJFFMw_9AdglVPLm9rh2VFv24NjPcH1ZrD4PXZ0lDBIU04x2lueZITx0Hb_zdvuQ9j8BZ0x-F6P3cuhi0lwrEmK55JTlAe3U-ws27D99YITqkLFtf-o78Vh_apRJzG5Kk3sUU3KmjmrcJFzB8dpzX0WfoF9dfYdXsSEOMiyBgtZIln9tam9mz8U09bqningJWBgEGan5iTrZ8GZh4d8_Ql5di30SMO2d9MvkPcGLM-FzPdYO5invou-uQK6fYR2pago6MjQlAQh6PvGhQojsaq8twgdU53n0MzSimpVQ1CV9KeO32KxrNxdzqIxT1dQmApq76pmijZaM5YvUgBb3kO51FWWzevrU2HWXQLN9PO1v9v0MdewJz-dI7HRTZq8QeQJfTP662q-duE51utHDj_luC16D0LW8ZPd3JaLKKWzbdhPSE0lsYUzeXzVDngB58wpbMbFjdN9NyG9pyyhzxwWhETsfGGbyuNE1twhQWgCJTr8y0tVQtRRLjJd6PLESkjfx8YdHzYzdp6J4-7dyBdD5mpJtUoeuVhEfw2QnhSq7vH79D7xIm_3udN2zLRa6EvX4ygg0rgu4vHxN_lUlAXCxnIGCq9qrI_DTC23gvM5ULN5cALTu69JtTgPeb1M0jCDnWy6hFWSI0CJP2mRP4IR5ZDk6V8uIwxtldtfldtAQPU0RKOKHgIfqZrXm44yIWr0WI8cwuo-OTZbP4FLh2qI5xsSixiUqEIDdZqBhTIXW9ACtDlgBy-f5iyzX8lzZVfAlAXQPArhsZXQ9nMVX-xMnGM1r1oJ3dvhYsEReqKNuVdkHUS42t5BZGbgSOQ5UGuul2awL7AEHEJroJrhwR_hZAGJDI2eTV-bwYyxaGNrLAxXaG_qLhFZCh1VdDdiJCuk3B7juNamCUfoki0eIdkOPnS2U_qo8iUzNb14JrNiS6kF8hwqwU_SoB-sLpfyWxVcHPZXSPe1__sKfheLN6oJf03LdO0t0STd0NAJGTY7L-b5YmPr4ME2aWgyNJX-MU6oBmSMUkvbSfcz0UVyIfEkWFyuKaknzN-QEF7kyAzHa4Y04tGjLZQ9MvzHEP0Z26egfwunfjj6GSM1c9vZxiiVT3XHb1vVVwq-ifHX_dJPn-2On6KS6nHWgt2OoS1-gNDSq5qW-juii1g0BnhSCp--poQDodkwsdQwoJFG5GdqfldQx8vWs4clqZD0SpvgPPYDukxSvbppoz9NtvfkimXfhlazntOU6FFWt51P35c5SjSwsljQQqKW9Q7EMxZ1hTLPgxC_y9B78tvyKznmSS0qgBsfT4etp2Fo2q6W1kVWvENgZ20K8-8iFgli_Ux6QAzhEIYTXELrk7TCkbt458htc_55PKr3RVPiA4aKptMpMKx2YWNK7Qb6qrVdJddyLHp_EV1q8hv9d4WFbgOsJ9Y7rU1yjA_6v5QF9POFXXL7r6Xxz8294-QF7Y34Yx-1QXNr5_9g&cid=CAASEuRomuhOHNnnErAoul-uWYT9qg&rfl=1%2Chttps%253A%252F%252Fwww.kanyetothe.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
351
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 07:39:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 6522 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DD2ejY6kxJHEMSUhq3m4fRbubEgzBDILD9FVvZSVomQfKXsUh4880xis85u_IupfizNIEgrhiKcGqgMSIPnutxQt063PFlTVRqWp2OkvLiRBrMVPaac9n1sR473xXTST4PsiW7Ejy3Zoyj3lID_GgjJvYcVA&dbm_d=AKAmf-CU0rfsGkfp_6JLngIj03IZjEdfNJ6hH4Ty0cuohpDlQnI0PJi3Ah_8eNCch2YB-YYQkvjwbKhWU5n7Wfq2xFiuevH0-LsQUpzSNhdj6iHVPvc0zSVcl9GT_WqBbkcq797IKJwbrQqlV1Z94vg7tE_lbD3fu52_gkQZG559vVoqARdEGdINgT0ZcOznXRKAe9U5PDDQhkEZMS1skLBcz0WJlLwUac-GwbbEzMSyp7Al7dRGsOY5ENgEnafXYsbiOMVUWeMKFGRQQCj8HH03YSirNCnSq5TTtAhnfUZZodnQsX5jXReLDcV-wM8Rvbm9pSwUq2wZgWrcTiJKI7W7FwyGP2N_jexrxvNVjWSEFnITCaJg25W5h_oqOsFVWZqWjLj5Br5izQxrBI1Jb2pJU98WP1wJ1Zqr4gtc0-MkfRLmsye04cmtFcDAtprVODnt9w1fJHgGHhcQnZqR1Y5igAUSFio6dSJ6YpIQ_OFwj2rghiaEuG-5712cuXOwho8BccD874dQcUgbFQgYC2ciK2qQxas2uIYHii1N7snQf496XNR9td-vbOPvfynsF_D5NqiV1Rtb7KadTxsCiYuQknHcoG3oOA1mUFJ1z0RHZ07q-4-S20kHpRJfzkr2eEDh4tpx1ttS8L3I9Jk11PEsUyYkRTGyMpXJySLEXEFUgXdVqJIBRIAwEiKdiSvY0Li7G7h5SqheP6gQlvMpF-itSHD0MKUte2OkoHU3hUMDJzF2X6OE18vkPvT4yRH5abwesw3kjoUyR_XnQi1f_np6zNH2v9G0AQUOYXJmPdiBxEDQe-GKoprpSZjIqDwNgrqqafbyHVShrqNlhkU9fAxE3upXMNz_oNut3xj_Qx6KueUpLOJ4IFnSWbPs8lOj3FYwZaVTp5D1JgS0Og5aPF4KCv7z7ugyotQAlb2je1Kvl7meYJuFS7idnN-18nQGaXgRA8DkYAVWWgBCGl_q9Xy_KFYMP-XPuuBAxeobYteAA0qUrra3CW6LepOpCY62LpxsVmYj6uoCjxtXykCPhuKXCTYAdMwDG9XS_HHh8jxCxasnIzuz9fdRMkv7wyT8-M0cz1OI_p60KssYklHfnprFuJbFrYS45YgbMfmS3jwpeca99lcbcLj01iYawpT2k1L0SZnA66qxbqkt_yCLPko6u4kZQhZD2YuoT2pUBPudup6JWJ8XkTZ6-aLkL4g0x9--NNsMdA74vuOqm4Hr7daprxacGwwyQIGXtKYahIP4MYBQSVZho7w9I1Ux9wzR025B6E8IfCAPzNDVfUiXc5OTVEWDhbSJqHtdEXkfxXda1Ipd0oiEjJUuZcqGNoHhgSiyJP_KpRsF9MFluxAnu7D7RdTqIkSNlChCBoMAJBWcMRPlIMw4BxGwkMrcCA0vtLZ8i3sKeMLxuMvZb3xnUd_f8kJgUmOMhQGmT5JjvZxatWazIZwm1DhHnSuk0f9FFnPYU3BO6rgjuNi6pWmo5LVSiI3rrta1ms0z4EfzSTb6sFeTj-u4S1UbGH-wexLG8XDC65GSaYPUBU3iDm29orLNTpytJFFMw_9AdglVPLm9rh2VFv24NjPcH1ZrD4PXZ0lDBIU04x2lueZITx0Hb_zdvuQ9j8BZ0x-F6P3cuhi0lwrEmK55JTlAe3U-ws27D99YITqkLFtf-o78Vh_apRJzG5Kk3sUU3KmjmrcJFzB8dpzX0WfoF9dfYdXsSEOMiyBgtZIln9tam9mz8U09bqningJWBgEGan5iTrZ8GZh4d8_Ql5di30SMO2d9MvkPcGLM-FzPdYO5invou-uQK6fYR2pago6MjQlAQh6PvGhQojsaq8twgdU53n0MzSimpVQ1CV9KeO32KxrNxdzqIxT1dQmApq76pmijZaM5YvUgBb3kO51FWWzevrU2HWXQLN9PO1v9v0MdewJz-dI7HRTZq8QeQJfTP662q-duE51utHDj_luC16D0LW8ZPd3JaLKKWzbdhPSE0lsYUzeXzVDngB58wpbMbFjdN9NyG9pyyhzxwWhETsfGGbyuNE1twhQWgCJTr8y0tVQtRRLjJd6PLESkjfx8YdHzYzdp6J4-7dyBdD5mpJtUoeuVhEfw2QnhSq7vH79D7xIm_3udN2zLRa6EvX4ygg0rgu4vHxN_lUlAXCxnIGCq9qrI_DTC23gvM5ULN5cALTu69JtTgPeb1M0jCDnWy6hFWSI0CJP2mRP4IR5ZDk6V8uIwxtldtfldtAQPU0RKOKHgIfqZrXm44yIWr0WI8cwuo-OTZbP4FLh2qI5xsSixiUqEIDdZqBhTIXW9ACtDlgBy-f5iyzX8lzZVfAlAXQPArhsZXQ9nMVX-xMnGM1r1oJ3dvhYsEReqKNuVdkHUS42t5BZGbgSOQ5UGuul2awL7AEHEJroJrhwR_hZAGJDI2eTV-bwYyxaGNrLAxXaG_qLhFZCh1VdDdiJCuk3B7juNamCUfoki0eIdkOPnS2U_qo8iUzNb14JrNiS6kF8hwqwU_SoB-sLpfyWxVcHPZXSPe1__sKfheLN6oJf03LdO0t0STd0NAJGTY7L-b5YmPr4ME2aWgyNJX-MU6oBmSMUkvbSfcz0UVyIfEkWFyuKaknzN-QEF7kyAzHa4Y04tGjLZQ9MvzHEP0Z26egfwunfjj6GSM1c9vZxiiVT3XHb1vVVwq-ifHX_dJPn-2On6KS6nHWgt2OoS1-gNDSq5qW-juii1g0BnhSCp--poQDodkwsdQwoJFG5GdqfldQx8vWs4clqZD0SpvgPPYDukxSvbppoz9NtvfkimXfhlazntOU6FFWt51P35c5SjSwsljQQqKW9Q7EMxZ1hTLPgxC_y9B78tvyKznmSS0qgBsfT4etp2Fo2q6W1kVWvENgZ20K8-8iFgli_Ux6QAzhEIYTXELrk7TCkbt458htc_55PKr3RVPiA4aKptMpMKx2YWNK7Qb6qrVdJddyLHp_EV1q8hv9d4WFbgOsJ9Y7rU1yjA_6v5QF9POFXXL7r6Xxz8294-QF7Y34Yx-1QXNr5_9g&cid=CAASEuRomuhOHNnnErAoul-uWYT9qg&rfl=1%2Chttps%253A%252F%252Fwww.kanyetothe.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:39:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9475
x-xss-protection
0
server
cafe
etag
15988442915344899701
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 07:39:23 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/854720/58245029/ Frame 8DB7 		229 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/854720/58245029/skeleton.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.254.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-254-33.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0f4251340b7fbb1c6e4697c107ea643180eeb1c799728b87d579c4d23e4c2de7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:08 GMT
content-encoding
gzip
x-server-name
app10.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 8DB7 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
Origin
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 11:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74261
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Nov 2021 11:07:27 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 8DB7 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bd3GQTNYx8P0yxc7bdDQ1D86X7lIG0qaUnCs4XwCM7dpN_-qCSfnRAdREZzZky3_27mDehoBKEItXI2fXphMQx-GdE40ZEfL9CAyKMYOtu6G9elXqgB0PqPa2lpjAhmnkLZ6P9c5Ha5IsG0bB7zKvbhADJAg&dbm_d=AKAmf-CvRQYH7qxa3tmHem9RdPbIRPYT7qWqc-pHYC_8uGG78Q2q8eFKDIqBPVJOCi0XmB-ohDUJ8oXNlg8m8Pt26_QvsTENkq8IIsF2Zg1q3a3aZW6yihcNABKz7m0gLvd01t-DBcyHo0ypMwy3dV0xZrZ-ic3lfsnb9VgpeS43JBn1TCx0TZ3FemIikpP9ukix3kXh9FtNj94NYSrSdro7xp9HLGQHjXhrZLBhpAuAbtYgDecVaxrO7WbTpY7LfpnziyOUaPxYy53VHkiPYleI3tGvNVQz4bLTs55Swm_Niff8eT1sBLt3AErWJgy66ejqN0_cxz-YK5FxC6yB7OidWMR84UP8D15JjjnLXhHVrWMw0Ayzr40Cej7dk_QgxHZ0Rc26PgOTY-OtV3u0fbkBhprnSbsFfYcB_L7FZaqZcB21l-7v9N7p3VcPR_2AWfm4D__jsr-d_P8UR7DkMBPPIO314g__8dXrdQdtKap3mK7aVBdriQAvx6EbHB_ZfF7BOni9dZ6XBoy5ibVExE8nPODYj4BEV2_AkQNfcMXqXY-Hxhp8vtYhb-sgCYunV-VcDSqHYs50R1qjjgFxhwz1rw2E9tDVny1G1UcOsZU989j-uNvXt5B9PCmXy60xgVzwNpUp7D1Tlzfk9vrq5Tkf0Zp-OthGxiOSbILDLikUldqT3MJHBPqKK9Ojq_EhBpx5gSdRtSPWgklEs0sI41wid_cpXibwzGDJMtb20TRj5_kexXLLUXxeDrF4faKgJiXOmRqYa9ebVGCqW09XJtArolk2A7NS9GEAVwWj3ffA2n9crhHnx_UOGChZinlhglbXsLMT5Pblhq-pah8uqA4HBlAgFb02NVvgQyoPVNtuAtlvqxWeKLBlWBonh46l7MVGnqi58kYhnt8w4wxhvhETVk5LeX_V12ZSA2w2J_RMe5tk6ge4kVrc6m0vDPDb2VLxtIOu0D2ZWDBzuvjqjUpt3dDZRDpvurbiJgXPMOf0IU0Ho_QYW6nct9s587Ru_zZBEaeL9RkJA5lZSLWJlm_vwefla_okX8BV-sG-rw7HIA12YKlEyU0MxbCQey7-CbrVK39MsENnutc4j5oU5874hVPoCYk2IgjriLONYVLv-mPnB9UI56v_sg3XEA1wavi-jhTnSDWKTeyeav4DCBwB3ceGrsFYZP1d2t-AaEaNf3BB5zIjKLIZHHgXywEPhPNBF-bTPOr-he5zCrF6GbNNOuHwfDND73bDtyTARHXiDe2VsbM3PpSlSC622MpV3x-WBaK9kdk-dwtSe2VGln0IW16oOz3-Rz11qv1iAUpY_fn4lelPkaL9AQ9T9RTHk8Y0zH2sjZXtI5PpfZ3iIT59B-BgL2PPrOI39HE8943a-Vn9f7yf-NPLuptQpir6TEqa2t5D3HOa2oPhq4dunGQXJojCly4elAmoHRFeY9oK07hN7N5LVdrsZbsW7YM7DAfadebnUqWHFtJ8Sg1oAevvATHlP_HDRG1Ly66N36maVGXc7Iv5jS18pbrZrs79lVa_ZXXjsXU6ipLpNruNQx8hygH5GqiNUiZlJPr98fUi68JfB-mAIVA5o-2OxCZcXwrAxu24ymnkYUAKoCQ2_NGNKAsS9xnDoQlcSkJmCdUVtMa9nJTCSxVjBaUS6m7A5xvDKvAr9AnZvA9N12vpjPQgxngyn-oNx9JEElHDhE0WJEBX6P5EcXYdc_9Ht1Id0--q4Ddnu2o9QHXDhaFf2ovbnevfHesVraRjgvdU1OV1AVNFf07IhFWvvTpHMDBtmsu3a0qXVAg0Mgbrr7NS5pUAoEp_e5gqvyQKtL15J08Z11G5NMYDN1H-b7jwXhzadF3zYnyx-uYdbux6eil6uoh1PRj8JnOB9_n52UIoncNWbzjH4JagPbZ8UO-mDTeCVNaHhEmmPnAARm5v3GUZhKEt8XT_hOg9cRR_RL6UFH0s_aTCbU7kvJv1sbUOCGH2LD_rNq5_fAMh5ZGAKOq5KNaMjkVX2V1sM6DFn1n0n8eBDJmCyFYiSW3FvGajmo2EOWJJXdXt9lJDOFtBjVxVGMmul1ifrFvucmFCpyhbdmFQOgaMdygkBwisjWK7vl1CWldOG1vm1d-yOE97ZLzg5X8GeSLzGMNyXgyR6FmXIAakrNRn5uQdb1IzRmD_y-wo91QEdJ7xLBQ2lWnibT1yN7pCNtRbOL6JzOhFGnOUmEeV6PXglU4MZkx-pq-6ZgPZ7XdzG-bUTJIeq4_m98HSjaoU4vca3_jCeZD5YmYSpdMAYDwkVlk9Y-H3-D6VdS9w5PaS1s698a_cmNziRzMN7CmJ0ZK9hnn2oVUKhvB1H4hvs7yrdkwwDRk9o3uqBCS5GJXt4RP7AKHAlTnJl92fdlJQUeIS3AapGaEuBX9DnH-MdCkajTGahwLhJNbYwdqdLgvz8-20utzT5Qaj8qmGhwVuyIHNzDJQlKfy9cmeAa5DKUwmbDkMiMgrCdR6Ld2GhSsWoQvY6awFr-3QZ8-pbUYI_alozLNgOTTW2Z6XH59sGrIfRV8b9mz7-xGnnVgwWGLKkrZyp5Xczqq-jleeaSY_SUcumQ4wdzxq6HowDqAobECoY0fFZXqpAaCgJQVHru3tI1W8HoJMw8MpIGoKSHRrFEZaf66qXRyt76eKxls090-AGrXMWRl2knzEocK0DQDC4uQYJbcxbjVgg6brzojKm02CFOkM72BCfXYdkwG3WCXdp3ixAU8s8qyvsmcBVHKxPjqMBs2KZf8F1JpzKBtu21XArNR3rsM9mifQvqdSXzA8cjvESsy4ByY-m3f2Ahj2ubofElnaIlE8_oq8cV8PoParFOeOt5UK-8qOGravEaMKsMSl_2XSG6u9jfs74aHzPQwos3jA_a-fHjaXz7M1aPUWgCBYEuVl1BwLCw1f_GCyF-ooOFdYgnIGI3PM0Dp2PscFeqJHPjpuWgQjQH8ufLZYMIHjivkByty-whwVEsXb6k4S5ovPVP-JcKyI4t0oVuYpkzQOJV1QXB1svDAbptVJ1a_4Rg&cid=CAASEuRoKZrEhzGYYzJ34e3knDctxw&rfl=1%2Chttps%253A%252F%252Fwww.kanyetothe.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
351
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 07:39:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 8DB7 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bd3GQTNYx8P0yxc7bdDQ1D86X7lIG0qaUnCs4XwCM7dpN_-qCSfnRAdREZzZky3_27mDehoBKEItXI2fXphMQx-GdE40ZEfL9CAyKMYOtu6G9elXqgB0PqPa2lpjAhmnkLZ6P9c5Ha5IsG0bB7zKvbhADJAg&dbm_d=AKAmf-CvRQYH7qxa3tmHem9RdPbIRPYT7qWqc-pHYC_8uGG78Q2q8eFKDIqBPVJOCi0XmB-ohDUJ8oXNlg8m8Pt26_QvsTENkq8IIsF2Zg1q3a3aZW6yihcNABKz7m0gLvd01t-DBcyHo0ypMwy3dV0xZrZ-ic3lfsnb9VgpeS43JBn1TCx0TZ3FemIikpP9ukix3kXh9FtNj94NYSrSdro7xp9HLGQHjXhrZLBhpAuAbtYgDecVaxrO7WbTpY7LfpnziyOUaPxYy53VHkiPYleI3tGvNVQz4bLTs55Swm_Niff8eT1sBLt3AErWJgy66ejqN0_cxz-YK5FxC6yB7OidWMR84UP8D15JjjnLXhHVrWMw0Ayzr40Cej7dk_QgxHZ0Rc26PgOTY-OtV3u0fbkBhprnSbsFfYcB_L7FZaqZcB21l-7v9N7p3VcPR_2AWfm4D__jsr-d_P8UR7DkMBPPIO314g__8dXrdQdtKap3mK7aVBdriQAvx6EbHB_ZfF7BOni9dZ6XBoy5ibVExE8nPODYj4BEV2_AkQNfcMXqXY-Hxhp8vtYhb-sgCYunV-VcDSqHYs50R1qjjgFxhwz1rw2E9tDVny1G1UcOsZU989j-uNvXt5B9PCmXy60xgVzwNpUp7D1Tlzfk9vrq5Tkf0Zp-OthGxiOSbILDLikUldqT3MJHBPqKK9Ojq_EhBpx5gSdRtSPWgklEs0sI41wid_cpXibwzGDJMtb20TRj5_kexXLLUXxeDrF4faKgJiXOmRqYa9ebVGCqW09XJtArolk2A7NS9GEAVwWj3ffA2n9crhHnx_UOGChZinlhglbXsLMT5Pblhq-pah8uqA4HBlAgFb02NVvgQyoPVNtuAtlvqxWeKLBlWBonh46l7MVGnqi58kYhnt8w4wxhvhETVk5LeX_V12ZSA2w2J_RMe5tk6ge4kVrc6m0vDPDb2VLxtIOu0D2ZWDBzuvjqjUpt3dDZRDpvurbiJgXPMOf0IU0Ho_QYW6nct9s587Ru_zZBEaeL9RkJA5lZSLWJlm_vwefla_okX8BV-sG-rw7HIA12YKlEyU0MxbCQey7-CbrVK39MsENnutc4j5oU5874hVPoCYk2IgjriLONYVLv-mPnB9UI56v_sg3XEA1wavi-jhTnSDWKTeyeav4DCBwB3ceGrsFYZP1d2t-AaEaNf3BB5zIjKLIZHHgXywEPhPNBF-bTPOr-he5zCrF6GbNNOuHwfDND73bDtyTARHXiDe2VsbM3PpSlSC622MpV3x-WBaK9kdk-dwtSe2VGln0IW16oOz3-Rz11qv1iAUpY_fn4lelPkaL9AQ9T9RTHk8Y0zH2sjZXtI5PpfZ3iIT59B-BgL2PPrOI39HE8943a-Vn9f7yf-NPLuptQpir6TEqa2t5D3HOa2oPhq4dunGQXJojCly4elAmoHRFeY9oK07hN7N5LVdrsZbsW7YM7DAfadebnUqWHFtJ8Sg1oAevvATHlP_HDRG1Ly66N36maVGXc7Iv5jS18pbrZrs79lVa_ZXXjsXU6ipLpNruNQx8hygH5GqiNUiZlJPr98fUi68JfB-mAIVA5o-2OxCZcXwrAxu24ymnkYUAKoCQ2_NGNKAsS9xnDoQlcSkJmCdUVtMa9nJTCSxVjBaUS6m7A5xvDKvAr9AnZvA9N12vpjPQgxngyn-oNx9JEElHDhE0WJEBX6P5EcXYdc_9Ht1Id0--q4Ddnu2o9QHXDhaFf2ovbnevfHesVraRjgvdU1OV1AVNFf07IhFWvvTpHMDBtmsu3a0qXVAg0Mgbrr7NS5pUAoEp_e5gqvyQKtL15J08Z11G5NMYDN1H-b7jwXhzadF3zYnyx-uYdbux6eil6uoh1PRj8JnOB9_n52UIoncNWbzjH4JagPbZ8UO-mDTeCVNaHhEmmPnAARm5v3GUZhKEt8XT_hOg9cRR_RL6UFH0s_aTCbU7kvJv1sbUOCGH2LD_rNq5_fAMh5ZGAKOq5KNaMjkVX2V1sM6DFn1n0n8eBDJmCyFYiSW3FvGajmo2EOWJJXdXt9lJDOFtBjVxVGMmul1ifrFvucmFCpyhbdmFQOgaMdygkBwisjWK7vl1CWldOG1vm1d-yOE97ZLzg5X8GeSLzGMNyXgyR6FmXIAakrNRn5uQdb1IzRmD_y-wo91QEdJ7xLBQ2lWnibT1yN7pCNtRbOL6JzOhFGnOUmEeV6PXglU4MZkx-pq-6ZgPZ7XdzG-bUTJIeq4_m98HSjaoU4vca3_jCeZD5YmYSpdMAYDwkVlk9Y-H3-D6VdS9w5PaS1s698a_cmNziRzMN7CmJ0ZK9hnn2oVUKhvB1H4hvs7yrdkwwDRk9o3uqBCS5GJXt4RP7AKHAlTnJl92fdlJQUeIS3AapGaEuBX9DnH-MdCkajTGahwLhJNbYwdqdLgvz8-20utzT5Qaj8qmGhwVuyIHNzDJQlKfy9cmeAa5DKUwmbDkMiMgrCdR6Ld2GhSsWoQvY6awFr-3QZ8-pbUYI_alozLNgOTTW2Z6XH59sGrIfRV8b9mz7-xGnnVgwWGLKkrZyp5Xczqq-jleeaSY_SUcumQ4wdzxq6HowDqAobECoY0fFZXqpAaCgJQVHru3tI1W8HoJMw8MpIGoKSHRrFEZaf66qXRyt76eKxls090-AGrXMWRl2knzEocK0DQDC4uQYJbcxbjVgg6brzojKm02CFOkM72BCfXYdkwG3WCXdp3ixAU8s8qyvsmcBVHKxPjqMBs2KZf8F1JpzKBtu21XArNR3rsM9mifQvqdSXzA8cjvESsy4ByY-m3f2Ahj2ubofElnaIlE8_oq8cV8PoParFOeOt5UK-8qOGravEaMKsMSl_2XSG6u9jfs74aHzPQwos3jA_a-fHjaXz7M1aPUWgCBYEuVl1BwLCw1f_GCyF-ooOFdYgnIGI3PM0Dp2PscFeqJHPjpuWgQjQH8ufLZYMIHjivkByty-whwVEsXb6k4S5ovPVP-JcKyI4t0oVuYpkzQOJV1QXB1svDAbptVJ1a_4Rg&cid=CAASEuRoKZrEhzGYYzJ34e3knDctxw&rfl=1%2Chttps%253A%252F%252Fwww.kanyetothe.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:39:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9475
x-xss-protection
0
server
cafe
etag
15988442915344899701
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 07:39:23 GMT
containr.js
cdn.mookie1.com/ Frame 8DB7 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mookie1.com/containr.js?tagid=V2_399567&tagType=imp&host=de-gmtdmp.mookie1.com&src.rand=1318590985&src.campaignID=26757388&src.placementID=319077638
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.40.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-40-118.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1c2607a9bfc7164c68a6cc33e1a07e12b4c25886bf0ce92896f27ca8d531b81f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 07:45:08 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Connection
keep-alive
Content-Length
2941
Last-Modified
Tue, 08 Sep 2020 10:42:20 GMT
Server
AkamaiNetStorage
ETag
"6200df1a0ff97d44f843b0184fa20225:1599561740.987291"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Fri, 19 Nov 2021 07:46:08 GMT
index.html
s0.2mdn.net/8247229/1636534337098/ Frame 1588 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/8247229/1636534337098/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0ffc7e0879534a888c576c63b2da7f3745852906dd9b2b3947675fcf2c33a44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
2942
date
Thu, 18 Nov 2021 14:40:15 GMT
expires
Fri, 19 Nov 2021 14:40:15 GMT
last-modified
Wed, 10 Nov 2021 08:52:17 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=86400
age
61494
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 8DB7 		0
760 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9nUPTgMMhhkOXv2X6jLsENqtqoXQhiWjK4rkUFuntmjlH1cwK6sD-yB9C6Nm6VvC1_WwV7HW2qkVQvL-ORzg7SerPiuJ0zeTjtAT1BN9z_HdkV_fa83NWz1CkV0yPRU5nYMq28gM__LRVzq_2cGKUoL1Btk5b3iBe7t7B27ccWE1yTebZNypAakQGuFWXVJtQsgXVZk8rCCIZ5IrjJRWspec1Oa8067AVmTudQfk9vT6POGs5-GmbaXk9lwKN7ATXIMzDdq-fp5ecHDITDHF_LrXyKE19MlzHBnTGUgUGiynyrN28exgZ5iJDa7BN5Ayi_ZjeBuTWo2mzFwVnO22CydCPle0WMvJysvVsrHIM1nsNlLxvDGjw3N8F3QVobC5nQl_8-CACZYoExnODzC9N0jlAY9XGV_a8953QQIG_hecDbQ9dy5h23sHM0guSAjr0ujfc9B_LMTZ714xWkpcfLVs4AAKlVSXIweaJ-6bi_lULfMzD56WijtB7ogokF9p9OsSs5oYVZzTo6IVXikxgu_oz_zCeP6dJxEw3S9YpI5C1jF2zo63wYNqo4zE2y37ZBRFWy5_nIlyr4IlpxoC6w1Jej-UxMP9zETNLDJKf-cz25DOMgvBXhIeSJ32pBx1fnMTF-krK7gw8WO1bMWfcrlYCIKOdv4HaQG6BcenjnuF4lCGND5pJv31Zk8gk3cY1AGo7FXaGDUEhO6nV-0p4BvGd-HRcL1BpW0CoqYcMzpKK8dBChvWt5RImsVUkd15wj8e9_3__C9TpiKszcD-rwuFLF3F0Y_mMIbw5dIMKehYoDTs2Z36Ypfk8OPSxYJrh7abqFZp_zkNriuesNsJ7LQazl2uaNi1ae_dsOTS9ymFUBFCpvaa2HrrsDHSJYxUeEO7c0YsnasDekagbJyGZOngpv8zK8vvY1AnnvcCNzk0UR9szV4tNH8EdV6CXHVfWWC4m6AWNY9mwgixRUzJnuQCWE0gsOXmY5zCg-1oxpU1pwwX2rrji9uPFMWMJEGYHjYul4RxyhVwFLAWmu40jx4ZmPW-Gg3lN4WOo2fF-oC7xwn50fbRbBwnwUxD7qz8LZckfi1_66CSWb1cIupgI5jLd96s7lFf2j6_IqwMp_SoljsxKNP6v16pMAfC1iHdV-TJp4fvRgr2YnQ7GhLMmv4xGFDvxSKZXUBqjMXY-eudRczeJmgg6ND_Mw4c&sai=AMfl-YQqGWpiHRbpWPwtNTPMyqK-3POkm_jLb8AZ8yoUBLzJmYhTsXo0RYWPN7gYru_GIof6pOKZAY7yyjg1N0YVRQJaCSOmh77u3cFnbur_8tdEh0FJ1qaNz1OatdUUUkiil1TSuppvaCZ1JAothTJ1uEvMmWlu5g&sig=Cg0ArKJSzPLAUfM6LuirEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=75&cbvp=1&cstd=73&cisv=r20211111.72661&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
date
Fri, 19 Nov 2021 07:45:09 GMT
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/gif
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
cache-control
private
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
ad_impression.gif
beacon.krxd.net/ Frame 8DB7 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=rvp2er2m6&advertiserid=8247229&campaignid=26757388&siteid=7060575&sitename=N755990.3107238APEXEXCHANGE&placementid=319077638&adid=%adid!&creativeid=161155652
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.79.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-79-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:09 GMT
cache-control
private, no-cache, no-store
x-request-time
D=39 t=1637307909
x-served-by
beacon-n024-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
containr.js
cdn.mookie1.com/ Frame 6522 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mookie1.com/containr.js?tagid=V2_399567&tagType=imp&host=de-gmtdmp.mookie1.com&src.rand=2059141670&src.campaignID=26757388&src.placementID=319077635
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.40.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-40-118.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1c2607a9bfc7164c68a6cc33e1a07e12b4c25886bf0ce92896f27ca8d531b81f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 07:45:08 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Connection
keep-alive
Content-Length
2941
Last-Modified
Tue, 08 Sep 2020 10:42:20 GMT
Server
AkamaiNetStorage
ETag
"6200df1a0ff97d44f843b0184fa20225:1599561740.987291"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Fri, 19 Nov 2021 07:46:08 GMT
index.html
s0.2mdn.net/8247229/1635940847221/ Frame B0B1 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/8247229/1635940847221/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bfc262afb772b24cdfe4566439ee4a3decd7c0c7339911e5e0c1072689ce2e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
3115
date
Thu, 18 Nov 2021 14:40:42 GMT
expires
Fri, 19 Nov 2021 14:40:42 GMT
last-modified
Wed, 03 Nov 2021 12:00:47 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=86400
age
61467
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 6522 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSYD3G0tyDN673kblRAm2KbQHIBZgKUOVWHoNLmBbW2EXxUyPHMNwQXSLH1S8nAAAJu8JN3HRtvJ1higDfbVt2aZrtB9Zd4cSGYq4nvOcGdVPoQcAm0nA1jUDqB6u0hKEBEAqecdRL6Jbtm_caOODaaKxvbfnFPHCaQrK-coPaC_zvOGP9ynN_3N1sgvLhpS6huEpNz-fVZ3LU9Q-Dlh_iPta9ACtL9s7yVnRUbpgXrPlDuvaSfcppumDB6E9i54-vF4GzcX4Bdm65hNtG8ofEH2VAfPxNgmMB3gXyQ2eqOgLja3VYRH7xS8T-FgKIW1a3WfMWG5OHlfmJMFo6SGpv2wKlyexNpo0iGQoScZF0HOV-3Puf4XN74_XB_gOmjPZFu73Ng6rIHszclhtQWn1cr5qK9IZwQTajtF3GCZKTSn5XZLg8YLwrL3pTiCE8boWdlWl1Dpbdj8DCVq5V_kIBMTdQSWKhCP8-CG36w7Ad5e7hvus-EgxPxav93vINe4ziqUz8zF6dWzNt8Q6uIZsNPvgwt6TfBz2o9NtehlHduEIIAYewRTrXwrWl_WVJfcU_QzRDZco0kSFZ7uaLD853SmXZYI1yccjm9daotju_MzcmbgXeATKMMfrf_f1iWonfyK_duh7b5HRnx45HsoJrOkDpkF7ptkk57CdAWNik28bEzMDa9l-K_9FXQP40jf2zW4TQpRC-UCUQBFNKN7pdtsE2qF0T9kypVwpbmUClY9MXouhaY-JGR6-hp5i0zn2MuG6_kAG-Kb37mzuZfF3D2h-SsYht2SiVHxplncIToGsUS6DLaGGdz_E6yvsj31ajEgxPrLZ7RwCAI0tHdH7gA3ZY1LQePJHToeq5kSY-aOtFLceuckGOuGBmKIyj7NXXIacVn8YG_aULRPq8q4s0UiU4GSDeaGBOUmqZ_DF3_YOyY_Q5gN0x_lNfQAZu2jyUHwOJUqrmvPY11gxQY3MqhX8AnwGa5AyyUMdCUsx5ooryK7_082Bt8auleeT8t901J-W0h1FGNUZH4J8-vSn1GvKQDPunOJY1N0oY6UKppmxfI1pOMSwD6YjqtXompJYhcdl8VqWHINi3lHcmjeA-RLuqCVArGleoGFPvKJqEOt4KPowZTXSykDPWrEoSjvDhvEt9HGoIj1WLdwk89HTL0vwxQ70dqGO3AzW9OQ_KduVj9zhzWn2Ma2zBeA&sai=AMfl-YRLeAPR8LptPZNllzGg9NttJEKZ4tvoji5bQAoSNcKF_UqiaaFXOxQiEz37JejyCPrKNY0_pQ7_oX1yvqhaKdBgDUM-NPEGlYrRMNBsFvqxrHYLOuVlc3L1y-SClLi2i8HaRthbV8Hmxl2sfcb5WIzRbW4yPw&sig=Cg0ArKJSzNK4cFEstC5YEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=108&cbvp=1&cstd=106&cisv=r20211111.58187&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
date
Fri, 19 Nov 2021 07:45:09 GMT
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/gif
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
cache-control
private
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
ad_impression.gif
beacon.krxd.net/ Frame 6522 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=rvp2er2m6&advertiserid=8247229&campaignid=26757388&siteid=7060575&sitename=N755990.3107238APEXEXCHANGE&placementid=319077635&adid=%adid!&creativeid=160760665
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.79.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-79-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:09 GMT
cache-control
private, no-cache, no-store
x-request-time
D=39 t=1637307909
x-served-by
beacon-n006-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
4.js
static.adsafeprotected.com/ Frame 8DB7
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/854720/58245029/4.js?adContainerId=brand_safety_BFaXYeCwMODC7_UP7qycyAQ&cbFunctionName=goog_wrapCb_BFaXYeCwMODC7_UP7qycyAQ&true_pb=&adsafe_pb=https%3A%2F%2Fsta...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_BFaXYeCwMODC7_UP7qycyAQ&cbFunctionName=goog_wrapCb_BFaXYeCwMODC7_UP7qycyAQ&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_BFaXYeCwMODC7_UP7qycyAQ&cbFunctionName=goog_wrapCb_BFaXYeCwMODC7_UP7qycyAQ&true_pb=
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:2156:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
.dE8GzWxKfXQqzvvlgh5KE0qyRRPCPpe
content-encoding
gzip
etag
W/"96e16e7453ae2e6952bc6d2a20ea29f7"
age
313273
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Mon, 08 Nov 2021 16:43:48 GMT
server
AmazonS3
date
Mon, 15 Nov 2021 16:43:57 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
utyBkO9NRaj4k0tAg0LPx__LCfk9tt4su1u1kWVOFfYqazxK7U9qOg==

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
x-server-name
app22.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_BFaXYeCwMODC7_UP7qycyAQ&cbFunctionName=goog_wrapCb_BFaXYeCwMODC7_UP7qycyAQ&true_pb=
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame B3E6 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 08:08:31 GMT
content-encoding
gzip
age
4232199
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
RDSXp-BFVYthIBmk67fAbfYkog916k8dpNMEP6iJos9PMOXcGBqTKg==
dt
dt.adsafeprotected.com/ Frame 8DB7 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=854720&asId=f314f16a-ec70-a3b4-c458-99c580feb9ef&tv=%7Bc:uoGlow,pingTime:-3,time:41,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:18%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:41,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B35~0%5D,as:%5B35~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sPc57WH+11%7C12%7C13%7C14%7C15%7C161%7C162%7C17%7C18*.854720-58245029%7C181%7C182,idMap:18*,rmeas:1,rend:0,renddet:DIV%7D&br=c
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:09 GMT
X-Server-Name
dt58.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 8DB7 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=854720&asId=f314f16a-ec70-a3b4-c458-99c580feb9ef&tv=%7Bc:uoGlox,pingTime:-6,time:42,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:42,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B37~0%5D,as:%5B37~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sPc57WH+11%7C12%7C13%7C14%7C15%7C161%7C162%7C17%7C18*.854720-58245029%7C181%7C182,idMap:18*,rmeas:1,rend:0,renddet:DIV%7D&tpiLookup=ao:www.kanyetothe.com*&br=c
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:09 GMT
X-Server-Name
dt40.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
4.js
static.adsafeprotected.com/ Frame 6522
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/854720/58245028/4.js?adContainerId=brand_safety_BFaXYdWkMPWU9u8PtJyi8AQ&cbFunctionName=goog_wrapCb_BFaXYdWkMPWU9u8PtJyi8AQ&true_pb=&adsafe_pb=https%3A%2F%2Fsta...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_BFaXYdWkMPWU9u8PtJyi8AQ&cbFunctionName=goog_wrapCb_BFaXYdWkMPWU9u8PtJyi8AQ&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_BFaXYdWkMPWU9u8PtJyi8AQ&cbFunctionName=goog_wrapCb_BFaXYdWkMPWU9u8PtJyi8AQ&true_pb=
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:2156:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
.dE8GzWxKfXQqzvvlgh5KE0qyRRPCPpe
content-encoding
gzip
etag
W/"96e16e7453ae2e6952bc6d2a20ea29f7"
age
313273
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Mon, 08 Nov 2021 16:43:48 GMT
server
AmazonS3
date
Mon, 15 Nov 2021 16:43:57 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
fLow-E0yMX5kAsipUDxdh6jMtj4C_USEr3S2DOjO-DE3W2K2fH3_CA==

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_BFaXYdWkMPWU9u8PtJyi8AQ&cbFunctionName=goog_wrapCb_BFaXYdWkMPWU9u8PtJyi8AQ&true_pb=
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 2DDF 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 08:08:31 GMT
content-encoding
gzip
age
4232199
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
Oh-Fgb5NpIuWeXMCdjvc-zVwbRz6HDNVSq5ybfr9BhgAjLbLDgvx2A==
dt
dt.adsafeprotected.com/ Frame 8DB7 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=854720&asId=f314f16a-ec70-a3b4-c458-99c580feb9ef&tv=%7Bc:uoGlpg,pingTime:-2,time:87,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:521,mdZ:657,beA:662,beZ:663,mfA:666,cmA:667,inA:667,inZ:670,prA:670,prZ:676,si:681,poA:681,poZ:698,cmZ:698,mfZ:698,loA:704,loZ:707,ltA:748,ltZ:748%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:18%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:87,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B81~0%5D,as:%5B81~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sPc57WH+11%7C12%7C13%7C14%7C15%7C16.854720-58245028%7C161%7C162%7C17%7C18*.854720-58245029%7C181%7C182,idMap:18*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:DIV,sinceFw:66,readyFired:false%7D&br=c
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:09 GMT
X-Server-Name
dt37.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 6522 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=854720&asId=b53b5bfd-8554-900b-47cf-d7bea899c77c&tv=%7Bc:uoGlpi,pingTime:-3,time:43,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:44,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B37~0%5D,as:%5B37~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sPc57Xr+11%7C12%7C13%7C14%7C15%7C16*.854720-58245028%7C161%7C162%7C17%7C181%7C182%7C183,idMap:16*,rmeas:1,rend:0,renddet:DIV%7D&br=c
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:09 GMT
X-Server-Name
dt55.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 6522 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=854720&asId=b53b5bfd-8554-900b-47cf-d7bea899c77c&tv=%7Bc:uoGlpk,pingTime:-6,time:45,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:45,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sPc57Xr+11%7C12%7C13%7C14%7C15%7C16*.854720-58245028%7C161%7C162%7C17%7C181%7C182%7C183,idMap:16*,rmeas:1,rend:0,renddet:DIV%7D&tpiLookup=ao:www.kanyetothe.com*&br=c
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:09 GMT
X-Server-Name
dt49.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 6522 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=854720&asId=b53b5bfd-8554-900b-47cf-d7bea899c77c&tv=%7Bc:uoGlpr,pingTime:-2,time:52,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:508,mdZ:695,beA:724,beZ:725,mfA:727,cmA:729,inA:729,inZ:733,prA:733,prZ:737,si:742,poA:742,poZ:760,cmZ:760,mfZ:760,loA:768,loZ:771,ltA:776,ltZ:776%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:53,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sPc57WH+11%7C12%7C13%7C14%7C15%7C16*.854720-58245028%7C161%7C162%7C17%7C18.854720-58245029%7C181%7C182%7C183,idMap:16*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,sinceFw:34,readyFired:false%7D&br=c
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:09 GMT
X-Server-Name
dt53.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
12871091840103540192
s0.2mdn.net/simgad/ Frame D79B 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12871091840103540192
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0f45a49d27117af1323c98b6f17499f08f49e5e60db826db929e583f2e8e65f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:00:02 GMT
x-content-type-options
nosniff
age
2707
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6944
x-xss-protection
0
last-modified
Wed, 13 May 2020 13:23:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 19 Nov 2022 07:00:02 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D79B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C69MrA1aXYcTSO_29x_APg5Oz4Ai145yDZuzuu7jaDvAuEAEg9drLGGCV4pCCoAfIAQapAiRKBxJ9DLM-qAMBqgT5AU_QjOs-1W0fM5RvYoJy_HY0huCSOi4AGKzk55syp9oIdtpy2xqAO5ybYL-a42Mkb8kDb74MBEHmmWS9keSc3uDy8n0kcriuzHSlBEpp_2tUcbWmT3HrrcxXHYIDbhPon5rVRzuJZPlPK1tQnWGq7X_hNTLl5ig9UjKx0osxW-SSYR_pQMas_2hMy8cX9wmoC-rtffibAtYW4aud27n0UKpovzkG8Krc41PcO6AnTXHC1WN-xtfQylDVJEVE46UueAA29hm572wDOLHnumPQY0JHbR7XS-c9yd6MrD8TqkFMxXUTrlk9UyCwO0j459VWX2MxddGsGSay8sAEgfO3zMsD4AQDiAW5zc3eNJIFBggDEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AH-b-YYqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcKEPv2ExihmsmxAdIICQiA4YAQEAEYHYAKA8gLAbATkcHkCsgTotqVCdATANgTA4gUCNgUAdAVAYAXAbIXHgocCAASFHB1Yi03MjA2MDIxNTU0NzkzMDQ4GJ-vBw&sigh=SVzibGw6-Sk&uach_m=[UACH]&cid=CAQSOwCNIrLM_4mUmUq26jTd8ggICwHs7caIK7j-xDn0ZG7Ckgswlga12P4RFtI-hGDZLAROrmGUQ71-PrHR&template_id=509&vt=10
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame EB47 		143 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 19 Nov 2021 06:58:24 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2805
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FF8D 		1 KB
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 18 Nov 2021 13:26:12 GMT
expires
Fri, 19 Nov 2021 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
65937
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame D79B 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72849cabc242f7f7c41b430bf7a1ca53f81252b960c87365960b6808d54568ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame D79B 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kw62us54&c=7043254568004&slotId=3521627284002&qqid=CITg-KH3o_QCFf3eEQgdg8kMjA&fb=web_video-lima&sei=44724516%2C44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=styleframe_video
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
volume_off.png
www.gstatic.com/dfp/native/ Frame D79B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/dfp/native/volume_off.png
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 09:46:29 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
165520
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2684
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 17 Nov 2022 09:46:29 GMT
pause.png
www.gstatic.com/dfp/native/ Frame D79B 		763 B
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/dfp/native/pause.png
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4ffcb380b93be8587df1adff939042b89c5b2f0329458df5f2f2a8c07123297
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 18:06:38 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
135511
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
763
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 17 Nov 2022 18:06:38 GMT
replay.png
www.gstatic.com/dfp/native/ Frame D79B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/dfp/native/replay.png
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0240de66a7b445f61b5a32e74c7d1dff431ac48b1b218ba454275b8f22046368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 21:23:32 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
296497
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2305
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 15 Nov 2022 21:23:32 GMT
vast
bid.g.doubleclick.net/dbm/ Frame D79B 		27 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-ATN3_iCc-sfQB7shtgVoEjnY9EIyYw7DeDasyz_mt5xvBZx8eRNMqohWI3n6x-0sPXUg7md_LEPZQ2jUdBAKgN25OanQ&dbm_d=AKAmf-Bf3gKgYfW1u42BAonDJWanyQHG243bqHpuwovUA1KqFTqdgGQsc9ziUVZKDB8nRDCjsIAf8N8N8wBEJkag6GLPms_AncHZHX1zqUyDQp8Yd7FLWr278HewZZhidkhn9CVZrph66A_bEnRZb1l4Mbf3-5cMM87JqoxOnJ7O0iyrskp5mmRYBSilmoU1Cdb9GXsiqHndiGeg1MjZrcvewcLykfeiCEiWyOgaa5rIutc2EKrQypC9hDlxjtNOKBjXYrZAaU3mv9pmpY5XFMwkGfllP8EPg-7vCYQiyfn7EMbSEQ9Np6nsMT82bPkgwn0uhDaN17uh_1YDa9H34bXNdBNF-8_ZNSUhGrlddPo5l-9m9SFXWR8hGfZF-pMvEECoP6vmrLUSKth4Tya81m95SNxzizDK0iC2BbSA9vuxp4d9-bkShuVjfxWq3i5QHOWiVrsDWAMyb_F5lo4XhPagfxPtXLfNoFhl9s6x40FYRqM6O7UXIcScnOkNTHB4RGgw68zpEEQXR5ogbavDSVbAI5Bn4e2UVSOIS15ac8_FKRTgxJy-lvICgWSdkSc21PV7SVXFhTaHIfv43okfnzkKXNgeqTqOD5ynmRhmt6sr7emNfIbmTjvTEN7Q-_vGxi4XN14Bz0gbniPJXQEuWxhKgAb4_u8DwtEtqhddNtsYq-qNu2ya1XGthPgptiTfbqDxtf_wASidjkXWwy-sMFVJvhbHor8A7z3fqupCODrh-UPBk2mHfpCByHNbbfmwOARI7lUo-9upNRBxgozBhq84MYFaL17Q6zocXEvAcQqgxaC8cjbm686PYVdcOxRAw4JCiITvmbMx6rHH6NKTb6HqbVYhcsAUHeBQcQVY3NzBpyY5fhchQ8YC2YZUQ7p2yEftVEvNL81vDTue5-paYy0p1Z3rfehie5K-lRhhXOK-e1pu9_pY9x5ZUK8MvyWlIigMNn8y5BkUtl_RYtxu1ZqVfl1f1zzxwjShI_cMCkj-sieVHJV0TdsTZNIRPAdbPo530ZoTXIEvysNcsEzqEO8BD3X3oMCMKTPEDBfh1MJAo9nD58TplsOhPnG5vv4V-dYlOkdGBkHb6eqU8Qu0O6D-pOWUGjb5hj8G-iUPRxnJvOEE20jLXsHwxi0eenl9YpiHDBkXlL_YX70e4PEhREFZ_FuuesLjkffCjh8dD3JzaGXXvRO3f6tXLfAm3OGG1y6jZLbxjU5EglFQOXgF16I6LeYJ65xbgTehUCn7aXeuA2ghjmZ11RAWkpjqf_3vRFRTn_pgAJdbJZTLbLpTqgagR3t0hMWOhDn2Cb8ap5Qg0O3rQExFniHGz0rZb06_Eyp-GA6iYhOgcdFDhjYm98-BtZXLzI9letNOTKYFxWCcSTP3E420ONg7cqgtwn0yswtylLnHZ0BEE97HidG_IhTJpJrkA_ZsabymxQXl5BGco0uaoo8EZPcd6CEi3hIC55C0iYnUoo79tI1xGMYd3rrFXUAd1O8_6Cl2D3hXL92RVnwSx3iEZyP1tAIwtdyxE2LoESAlxXvN23e78fxH5BtCud-TSH_cRhs3yQXekY2Hxky_YA47RRM_wBiwRlh4bjXwqrFme77IIfuRjUmI4-WHskzZXBg6BK8dtUey3JpciLXX_bAC7rkMneUNkC4flTbt_MIgaky2ShSddf8iPAG902VyxycIMLmEe3iDjWOP7Pu06Y8Klv5YRA0921fsIP5AC5ERP0aUIKIL9drtbauwDtVEpVHpGJJZlbTVMc0KN_D5Q9bWY83dDF3O_Yp9Q0d9o-DFVCsjJjsA1Kx7_WRMMDvdGHA1pe0_084J09cxphF5qObhWjErulkzz29eRQ4H7pckHw_2gPVyyFgjZLBp_f8ECS4CPH4cwK-hVbvnHDmVw93iA2k_0HDGzRjViaFt_T4SZWFvpA6WWa36-0C1HKvD4B8r25Tc_2A-o1apLSjTtRzskhenLq8fWzTY_aDphUVjEO-UkHTvhQX9-63RoC449LqhoOdlTV8oRW08AHSZbrjctrg7UUg14mqXnIpneh_XddPRsjfQbkx6j97eqLZtbkiWt3F_w-Bef0d9VMOeExxTe30oDWY8mQEYXnP-mwHNxcl_r6XokgE49pK3hLSMOv-Z9mnTA2fZLLR0goWAYpRiGBA-Rn7V1Sl2dUDGYWSzWVmjIVXcH15D9vyYQEL0yTQZUN44fs3DHJORlNABQobnsjdLlpcazRSCPRqZL6tJwwX0aYpaI32CKluDHPOJY-9P20GsqTKohasnavFoya4qy5_XlxQSpDuwDIfxnbODKQZWFgB8syygViKByAK1us0TnhjAF0dONuqoGEksFtkG0fj1eNacOM-_iEoQ3RFhzb6kItEzTsUAiPWmRP7PtKg_8nbOeDHSp7U4OrHHUjUZrK6yVFc1MZCbwovUsgeUDftjwSTcO_1DuJfnMqD_oRypJX9tKsawhRp_x3Hxw4AYJFwULBjb-i_G-9oOswHTzcNehycy4LfFkA3KF4qPBStogfVDcf2AG1jeouMkzb3HpkDBn8vEkEvSkmGqvPL2LILvuZ1MPhNr52L1bDNaR9j7Cy_xwTIl9lJzVgjh5vL9Y96ZU3XlGMTfDJSDMPVMuqoroQULsnCh3hoe9Oq2s4cPJq4hsQiHn63UwB8bTDhxvxVKG4RIylqES6f3cRHdf-qVt8cIAQLdRSMQg7eOSnGodI813v16HV5wCpjnC2qzT8GEoaxJUNhiK-N-aUBm-OoNrKnJAP7qU-59d2-ETEn2zOHCPjk757dPCoUIaUqJO_E-NgdMAv0GcriZLCERTUcfDA5iWlUsmmK-Vug7Jga80n2vlxyXwi5idOypPOSilje0OZLvQ4OysEHIOjufyLLx-weZMXu2GM7sYPYKW6WNLNOj9Et1s5QV6aEbZ0wsH9_0v35wafHuWnRcnzd6cCwU0svgqmcbAtOcjTG89NDn-oCe2Un7BGcPSMYERIS1Ur4&cid=CAASEuRorznpj6H869oJSkzOfiSSqg&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f154.1e100.net
Software
cafe /
Resource Hash
0bb970334d2fa7175c6064a97c407d5284aedaac1cbf43757e19c18154cb36ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13652
x-xss-protection
0
pragma
no-cache
server
cafe
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8DB7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 15:31:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144802
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 17 Nov 2022 15:31:47 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5E13 		1 KB
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 18 Nov 2021 13:26:12 GMT
expires
Fri, 19 Nov 2021 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
65937
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 8DB7 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
370d737d51b7ddd77f92d29484e55550eabecfa41e801a55f25947ff6f6b56a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6522 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 15:31:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144802
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 17 Nov 2022 15:31:47 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FECD 		1 KB
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 18 Nov 2021 13:26:12 GMT
expires
Fri, 19 Nov 2021 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
65937
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 6522 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83690327745199f8f1e06235efd1cc8b335d6cfa06524b6b9ef47568b36837e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame 8DB7 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=854720&asId=f314f16a-ec70-a3b4-c458-99c580feb9ef&tv=%7Bc:uoGlrC,time:233,type:e,im:%7Bimprf:%7Bttecl:339,ecd:11,tsecr:64%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:233,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B227~0%5D,as:%5B227~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sPc57WH+11%7C12%7C13%7C14%7C15%7C16.854720-58245028%7C161%7C162%7C17%7C18*.854720-58245029%7C181%7C182,idMap:18*,rmeas:1,rend:0,renddet:DIV%7D&br=c
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:09 GMT
X-Server-Name
dt40.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 6522 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=854720&asId=b53b5bfd-8554-900b-47cf-d7bea899c77c&tv=%7Bc:uoGlrC,time:187,type:e,im:%7Bimprf:%7Bttecl:372,ecd:9,tsecr:48%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:188,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B181~0%5D,as:%5B181~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sPc57WH+11%7C12%7C13%7C14%7C15%7C16*.854720-58245028%7C161%7C162%7C17%7C18.854720-58245029%7C181%7C182%7C183,idMap:16*,rmeas:1,rend:0,renddet:DIV%7D&br=c
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:09 GMT
X-Server-Name
dt58.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
i.match
s.tribalfusion.com/z/ Frame FF8D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPeaZb6VH4z0EQbMdB_SGnk&google_cver=1&google_push=AYg5qPKwMm519radRikVkeIhtcP1NAolGd_gX-ttneCnXcK7eyvABTObKrZbUwm9zHQk76GV-6ZR-g0VlA_fVe_HHpuu2h_r83u8&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPeaZb6VH4z0EQbMdB_SGnk&google_cver=1&google_push=AYg5qPKwMm519radRikVkeIhtcP1NAolGd_gX-ttneCnXcK7eyvABTObKrZbUwm9zHQk76GV-6ZR-g0VlA_fVe_HHpuu2h_r83u...
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPeaZb6VH4z0EQbMdB_SGnk&google_cver=1&google_push=AYg5qPKwMm519radRikVkeIhtcP1NAolGd_gX-ttneCnXcK7eyvABTObKrZbUwm9zHQk76GV-6ZR-g0VlA_fVe_HHpuu2h_r83u8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKwMm519radRikVkeIhtcP1NAolGd_gX-ttneCnXcK7eyvABTObKrZbUwm9zHQk76GV-6ZR-g0VlA_fVe_HHpuu2h_r83u8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6b07d1431821f937-MXP
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
2
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6b07d1415e08f937-MXP
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPeaZb6VH4z0EQbMdB_SGnk&google_cver=1&google_push=AYg5qPKwMm519radRikVkeIhtcP1NAolGd_gX-ttneCnXcK7eyvABTObKrZbUwm9zHQk76GV-6ZR-g0VlA_fVe_HHpuu2h_r83u8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKwMm519radRikVkeIhtcP1NAolGd_gX-ttneCnXcK7eyvABTObKrZbUwm9zHQk76GV-6ZR-g0VlA_fVe_HHpuu2h_r83u8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FF8D
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEOzaQEQFGV3Q9bqry_vc58&google_cver=1&google_push=AYg5qPIFUFwGMsxMNhOClH_IglCxAdDSwJY5xarttTwtXEf5Z9rlbzp87AIGiOyJHe6ZoMvBRe0P1IuJJf1...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIFUFwGMsxMNhOClH_IglCxAdDSwJY5xarttTwtXEf5Z9rlbzp87AIGiOyJHe6ZoMvBRe0P1IuJJf1Zo8wL3yJ87HAnTrQ&google_hm=t9Qp3BctSwe93YdxJBpCB7k
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIFUFwGMsxMNhOClH_IglCxAdDSwJY5xarttTwtXEf5Z9rlbzp87AIGiOyJHe6ZoMvBRe0P1IuJJf1Zo8wL3yJ87HAnTrQ&google_hm=t9Qp3BctSwe93YdxJBpCB7k
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:08 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIFUFwGMsxMNhOClH_IglCxAdDSwJY5xarttTwtXEf5Z9rlbzp87AIGiOyJHe6ZoMvBRe0P1IuJJf1Zo8wL3yJ87HAnTrQ&google_hm=t9Qp3BctSwe93YdxJBpCB7k
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FF8D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECjIu_KvZ5-WHIT-_UnULGo&google_cver=1&google_push=AYg5qPKmJGqx8Fzl0keymbBpij74H88Iz2K4dsCb2gRo8QwyLM3h1LKjGeJaw0Ktgd7bvYhIrIwswzgRBhRcbW...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMjE4MzkyMjY0MjUxNjEwOQ%3D%3D&google_push=AYg5qPKmJGqx8Fzl0keymbBpij74H88Iz2K4dsCb2gRo8QwyLM3h1LKjGeJaw0Ktgd7bvYhIrIwswzgRBhRcbWhCb6...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMjE4MzkyMjY0MjUxNjEwOQ%3D%3D&google_push=AYg5qPKmJGqx8Fzl0keymbBpij74H88Iz2K4dsCb2gRo8QwyLM3h1LKjGeJaw0Ktgd7bvYhIrIwswzgRBhRcbWhCb6oOTNYX9YZ_
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMjE4MzkyMjY0MjUxNjEwOQ%3D%3D&google_push=AYg5qPKmJGqx8Fzl0keymbBpij74H88Iz2K4dsCb2gRo8QwyLM3h1LKjGeJaw0Ktgd7bvYhIrIwswzgRBhRcbWhCb6oOTNYX9YZ_
Date
Fri, 19 Nov 2021 07:45:09 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame FF8D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGL3jrO1X0Lpkwp4iUBqz2M&google_cver=1&google_push=AYg5qPKeHcUZwfAV_q9Ij5vOdU3QBuZ3VV_zA9P3_ai2-wflthHxH5f8pu3T7GIg7GvDnNLYcYEPN8voAXBKtnEiZb30d6g...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKeHcUZwfAV_q9Ij5vOdU3QBuZ3VV_zA9P3_ai2-wflthHxH5f8pu3T7GIg7GvDnNLYcYEPN8voAXBKtnEiZb30d6gATmJv&google_hm=MzM1NDc3Mjg0OTkzNDY3MT...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKeHcUZwfAV_q9Ij5vOdU3QBuZ3VV_zA9P3_ai2-wflthHxH5f8pu3T7GIg7GvDnNLYcYEPN8voAXBKtnEiZb30d6gATmJv&google_hm=MzM1NDc3Mjg0OTkzNDY3MTc3Mg%3D%3D
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 19 Nov 2021 07:45:09 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKeHcUZwfAV_q9Ij5vOdU3QBuZ3VV_zA9P3_ai2-wflthHxH5f8pu3T7GIg7GvDnNLYcYEPN8voAXBKtnEiZb30d6gATmJv&google_hm=MzM1NDc3Mjg0OTkzNDY3MTc3Mg%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame FF8D
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEORkmrOgc-0bgSXfbNhtSvA&google_cver=1&google_push=AYg5qPKfsD6qSHWj4AcCbst1za8FyHzE_k0lkvQcuVcrgBS_YmngyRZqsPNJb9hfRN5mKtzmcucea8QAy6ujygu0CmjlLNk_mfE
  • https://rtb.openx.net/sync/dds?google_gid=CAESEORkmrOgc-0bgSXfbNhtSvA&google_cver=1&google_push=AYg5qPKfsD6qSHWj4AcCbst1za8FyHzE_k0lkvQcuVcrgBS_YmngyRZqsPNJb9hfRN5mKtzmcucea8QAy6ujygu0CmjlLNk_mfE&o...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKfsD6qSHWj4AcCbst1za8FyHzE_k0lkvQcuVcrgBS_YmngyRZqsPNJb9hfRN5mKtzmcucea8QAy6ujygu0CmjlLNk_mfE&google_hm=P1hwvPX9wHAK_3bGlHPMGA==
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKfsD6qSHWj4AcCbst1za8FyHzE_k0lkvQcuVcrgBS_YmngyRZqsPNJb9hfRN5mKtzmcucea8QAy6ujygu0CmjlLNk_mfE&google_hm=P1hwvPX9wHAK_3bGlHPMGA==
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKfsD6qSHWj4AcCbst1za8FyHzE_k0lkvQcuVcrgBS_YmngyRZqsPNJb9hfRN5mKtzmcucea8QAy6ujygu0CmjlLNk_mfE&google_hm=P1hwvPX9wHAK_3bGlHPMGA==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
rcrm308nk2c3t0k5e50t3ve0gd6462cm
us
sync.go.sonobi.com/ Frame FF8D 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPIjThhJ1Pl8_R82HHAex-BmrB95VTqmMviF0Qq0QUq0E6GY6P7rhMSjzwwKBCZHE-fqCNpjgv9mhCnp7rTZfGciKS6rSFD1%26google_hm%3D%5BUID%5D&google_gid=CAESEIcA4ZJU1UjwXfbvoQfcXXw&google_cver=1
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:09 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FF8D
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELjggA9tAG7cfJUqAOyzcs0&google_cver=1&google_push=AYg5qPL1JQZNQVa0VdhustS3-OBmUAn7_2od9ai9fUkdlGq1ntY-hOMJvzIjlJnhDEEnpXHxkCnfwrU4bw9Wkc2iZ...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELjggA9tAG7cfJUqAOyzcs0&google_cver=1&google_push=AYg5qPL1JQZNQVa0VdhustS3-OBmUAn7_2od9ai9fUkdlGq1ntY-hOMJvzIjlJnhDEEnpXHxkCnfwrU4bw9Wkc2iZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL1JQZNQVa0VdhustS3-OBmUAn7_2od9ai9fUkdlGq1ntY-hOMJvzIjlJnhDEEnpXHxkCnfwrU4bw9Wkc2iZzBoqUKtFJA&google_hm=04b35164e58183240d250ae9
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL1JQZNQVa0VdhustS3-OBmUAn7_2od9ai9fUkdlGq1ntY-hOMJvzIjlJnhDEEnpXHxkCnfwrU4bw9Wkc2iZzBoqUKtFJA&google_hm=04b35164e58183240d250ae9
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 19 Nov 2021 07:45:09 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL1JQZNQVa0VdhustS3-OBmUAn7_2od9ai9fUkdlGq1ntY-hOMJvzIjlJnhDEEnpXHxkCnfwrU4bw9Wkc2iZzBoqUKtFJA&google_hm=04b35164e58183240d250ae9
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
attr
cm.g.doubleclick.net/pixel/ Frame FF8D 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I9KyAEjAZa3ObS0BZg8cbPXGgB3WrTM5rgDxX5sBl2M7-sc1XxOvxjNLI_48ciKhBmC0a4
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:09 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
si
googleads.g.doubleclick.net/pagead/drt/ Frame EB47
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
169 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 19 Nov 2021 07:45:09 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 19 Nov 2021 07:45:09 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 19 Nov 2021 07:45:09 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DB7A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 17 Nov 2021 15:43:53 GMT
expires
Thu, 17 Nov 2022 15:43:53 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
144076
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4143 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 17 Nov 2021 15:43:53 GMT
expires
Thu, 17 Nov 2022 15:43:53 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
144076
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
cm.g.doubleclick.net/ Frame 5E13
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGFec7F1uoz_N8X6ma5EOls&google_cver=1&google_push=AYg5qPL5kqAouh4mZgBVe5gXZA-uNd0M_Pv2ue-BWHfGq3HJmXHUOcd2nCJNKtjMnJNGY79etaNhldVRUXjBNKWv...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL5kqAouh4mZgBVe5gXZA-uNd0M_Pv2ue-BWHfGq3HJmXHUOcd2nCJNKtjMnJNGY79etaNhldVRUXjBNKWvwjw_5H7uybPI
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL5kqAouh4mZgBVe5gXZA-uNd0M_Pv2ue-BWHfGq3HJmXHUOcd2nCJNKtjMnJNGY79etaNhldVRUXjBNKWvwjw_5H7uybPI
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 19 Nov 2021 07:45:09 GMT
Server
MT3 4103 f8fad19 master cdg-pixel-x14 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL5kqAouh4mZgBVe5gXZA-uNd0M_Pv2ue-BWHfGq3HJmXHUOcd2nCJNKtjMnJNGY79etaNhldVRUXjBNKWvwjw_5H7uybPI
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 19 Nov 2021 07:45:08 GMT
pixel
cm.g.doubleclick.net/ Frame 5E13
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESENkQ6bQofFELFoKHAFthqGw&google_cver=1&google_push=AYg5qPKQdczKdtp5k04OGYezYM6nyWG8zN0FOuRcIthuIVc-8vG0GWEFNuIsuwk2xYn32YyToSP7k0r178XVskj418CPGVoOdY4O
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7F6721DAC22A43E694B71FBC2E8AA916&google_push=AYg5qPKQdczKdtp5k04OGYezYM6nyWG8zN0FOuRcIthuIVc-8vG0GWEFNuIsuwk2xYn32YyToSP7k0r178XVskj...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7F6721DAC22A43E694B71FBC2E8AA916&google_push=AYg5qPKQdczKdtp5k04OGYezYM6nyWG8zN0FOuRcIthuIVc-8vG0GWEFNuIsuwk2xYn32YyToSP7k0r178XVskj418CPGVoOdY4O
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 19 Nov 2021 07:45:09 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7F6721DAC22A43E694B71FBC2E8AA916&google_push=AYg5qPKQdczKdtp5k04OGYezYM6nyWG8zN0FOuRcIthuIVc-8vG0GWEFNuIsuwk2xYn32YyToSP7k0r178XVskj418CPGVoOdY4O
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 18 Nov 2021 07:45:09 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 5E13 		0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEN7F3XwMF-XglM92xOiGleI&google_cver=1&google_push=AYg5qPI8XLtwuG_H80qLRzsNRR8iu-54fAzQKDFhSmXexY50dSykJyYiGxk6bOoxtyliVcvp_a-5IyfNyEueDDihyCAQEh07du-i
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:09 GMT
via
1.1 google
alt-svc
clear
pixel
cm.g.doubleclick.net/ Frame 5E13
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEHiL1ogZyqGlIxt2fS0v5JU&google_cver=1&google_push=AYg5qPKgbjSzRfHZYEBvm_P1RJO0D9gVa7-R_chDxH5dMHm57FM54-TzX-6oSwJ2TJd3AadxDoMOWJJehuAOiZc8hZgHXUlaCxQ
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=aV9lQzRlOUZDeHFUdEpROEJsYVhZUQ%3D%3D&google_push=AYg5qPKgbjSzRfHZYEBvm_P1RJO0D9gVa7-R_chDxH5dMHm57FM54-TzX-6oSwJ2TJd3AadxDoMOWJJehuAOi...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=aV9lQzRlOUZDeHFUdEpROEJsYVhZUQ%3D%3D&google_push=AYg5qPKgbjSzRfHZYEBvm_P1RJO0D9gVa7-R_chDxH5dMHm57FM54-TzX-6oSwJ2TJd3AadxDoMOWJJehuAOiZc8hZgHXUlaCxQ
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:10 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=aV9lQzRlOUZDeHFUdEpROEJsYVhZUQ%3D%3D&google_push=AYg5qPKgbjSzRfHZYEBvm_P1RJO0D9gVa7-R_chDxH5dMHm57FM54-TzX-6oSwJ2TJd3AadxDoMOWJJehuAOiZc8hZgHXUlaCxQ
date
Fri, 19 Nov 2021 07:45:10 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
242
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
dot.gif
s0.2mdn.net/ Frame 5E13 		43 B
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESECIMDFJpdPxrc-fix-MiZzY&google_cver=1&google_push=AYg5qPLPvmoH0hcoiRHMsOp5QkLWT4PjI8mzXu6ltgbRoz3qtqnwlI-IIKERwuIEUtbtMvRresIFMML0Pyzmirf4FlO-OxiU2vGa
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 Nov 2021 07:45:09 GMT
us
sync.go.sonobi.com/ Frame 5E13 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPJPOHI5jg43ITAabr50LZwWh68ElDJ7qI_lcMFwb1nq3Y5-nvJWHzMDNDrWq_Pc9RQ_ch_U7Im6YF8Zxog51L7GeVRzFYI%26google_hm%3D%5BUID%5D&google_gid=CAESEIcA4ZJU1UjwXfbvoQfcXXw&google_cver=1
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:09 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5E13
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJDCe0b5xGrAgISGlTXol60&google_cver=1&google_push=AYg5qPI0WPaT6kT7ubtqnuIjPBRaWQdS_5u3XLgVHEsKlfWMv270aXkAZIchc27zoYc6E6TnckBh5lC-dLKZmgVqyQPC36m55SMn
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPI0WPaT6kT7ubtqnuIjPBRaWQdS_5u3XLgVHEsKlfWMv270aXkAZIchc27zoYc6E6TnckBh5lC-dLKZmgVqyQPC36m55SMn&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyOTQ0NzkwODgxNTI4MDQ3NzQ%3D&google_push=AYg5qPI0WPaT6kT7ubtqnuIjPBRaWQdS_5u3XLgVHEsKlfWMv270aXkAZIchc2...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyOTQ0NzkwODgxNTI4MDQ3NzQ%3D&google_push=AYg5qPI0WPaT6kT7ubtqnuIjPBRaWQdS_5u3XLgVHEsKlfWMv270aXkAZIchc27zoYc6E6TnckBh5lC-dLKZmgVqyQPC36m55SMn
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyOTQ0NzkwODgxNTI4MDQ3NzQ%3D&google_push=AYg5qPI0WPaT6kT7ubtqnuIjPBRaWQdS_5u3XLgVHEsKlfWMv270aXkAZIchc27zoYc6E6TnckBh5lC-dLKZmgVqyQPC36m55SMn
date
Fri, 19 Nov 2021 07:45:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 5E13 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lo5C0X6Pfj1KGn5oKPCCxoDDbe0MVjZznQiKWQUJGVc0sH20rHQXev2s8wtIdWMfM9og8Y
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:09 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
file.mp4
r3---sn-4g5lznez.c.2mdn.net/videoplayback/id/f1e18c610c3aa301/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772527038/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame D79B
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/f1e18c610c3aa301/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772527038/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r3---sn-4g5lznez.c.2mdn.net/videoplayback/id/f1e18c610c3aa301/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772527038/sparams/acao,ctier,expire,id,ip,ipbits,ita...
916 KB
916 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5lznez.c.2mdn.net/videoplayback/id/f1e18c610c3aa301/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772527038/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/720082D023F6DF0887ADC9FAEF82362FA23C7E13.8492747A33868AC5176326D5942A39287C79F121/key/cms1/cms_redirect/yes/mh/8s/mip/2001:ac8:20:90:13c::1/mm/42/mn/sn-4g5lznez/ms/onc/mt/1637307644/mv/m/mvi/3/pl/49/file/file.mp4
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:11::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
1bb21d457aa1a8fc0b295c99c4318f14764a2e2e599939215c743b4e316efa1d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 07:45:09 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Aug 2021 12:10:17 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-937583/937584
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
937584
Expires
Fri, 19 Nov 2021 07:45:09 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r3---sn-4g5lznez.c.2mdn.net/videoplayback/id/f1e18c610c3aa301/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3772527038/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/720082D023F6DF0887ADC9FAEF82362FA23C7E13.8492747A33868AC5176326D5942A39287C79F121/key/cms1/cms_redirect/yes/mh/8s/mip/2001:ac8:20:90:13c::1/mm/42/mn/sn-4g5lznez/ms/onc/mt/1637307644/mv/m/mvi/3/pl/49/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
651
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame D79B 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kw62us5p&c=7043254568004&slotId=3521627284002&qqid=CITg-KH3o_QCFf3eEQgdg8kMjA&fb=web_video-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=527&mt=video%2Fmp4&vs=1024x576&ulv=1&vmfc=17&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C37%2C43%2C44%2C45%2C46%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fadmanager%252Foutstream%252Fweb_video.js&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame D79B 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~kw62usbm&c=7043254568004&slotId=3521627284002&qqid=CITg-KH3o_QCFf3eEQgdg8kMjA&fb=web_video-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=527&mt=video%2Fmp4&vs=1024x576&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgoogleads.g.doubleclick.net%252Fpagead%252Fdrt%252Fs%253Fv%253Dr20120211&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame D79B 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~kw62usbn&c=7043254568004&slotId=3521627284002&qqid=CITg-KH3o_QCFf3eEQgdg8kMjA&fb=web_video-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=527&mt=video%2Fmp4&vs=1024x576&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fdfp%252Fnative%252Fvolume_off.png&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame D79B 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~kw62usbn&c=7043254568004&slotId=3521627284002&qqid=CITg-KH3o_QCFf3eEQgdg8kMjA&fb=web_video-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=527&mt=video%2Fmp4&vs=1024x576&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fdfp%252Fnative%252Fpause.png&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame D79B 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=6~kw62usbn&c=7043254568004&slotId=3521627284002&qqid=CITg-KH3o_QCFf3eEQgdg8kMjA&fb=web_video-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=527&mt=video%2Fmp4&vs=1024x576&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fdfp%252Fnative%252Freplay.png&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 1588 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8247229/1636534337098/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/8247229/1636534337098/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Nov 2021 07:45:09 GMT
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 1588 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8247229/1636534337098/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/8247229/1636534337098/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Nov 2021 07:45:09 GMT
index.js
s0.2mdn.net/8247229/1636534337098/ Frame 1588 		319 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/8247229/1636534337098/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8247229/1636534337098/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd04f4d530ec4b2a29a279e286e19ce39595ed78ef58c11c91344ad057d03650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/8247229/1636534337098/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 14:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61494
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47248
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 08:52:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Nov 2021 14:40:15 GMT
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B0B1 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8247229/1635940847221/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/8247229/1635940847221/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Nov 2021 07:45:09 GMT
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B0B1 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8247229/1635940847221/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/8247229/1635940847221/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Nov 2021 07:45:09 GMT
index.js
s0.2mdn.net/8247229/1635940847221/ Frame B0B1 		325 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/8247229/1635940847221/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8247229/1635940847221/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
079859f8d3a75b54c3a8b3b9bcb26c545ff7f60f75b3e63547afa42a47488cf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/8247229/1635940847221/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 14:40:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61467
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47110
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 12:00:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Nov 2021 14:40:42 GMT
dpixel
cms.quantserve.com/ Frame FECD 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKC_zWSMjdlnI84cT0R49CM&google_cver=1&google_push=AYg5qPIOoE0J9QMmctB_HSQCFaXCyO8hgdl4Vuxjt12AtktOagvI_YCU4wo6I06Cfy5HiYjZawdvP9xLoGmQMwfiNDfe-H3EGF-r
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame FECD 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKeWTFL0nZKtFUaJIRsM0Y8&google_cver=1&google_push=AYg5qPIk1PagojaVTHBGsRcf6rOreerjHtIuFDcyh2HitVgJ7FBUGO8rgE67_SPAkHRKjy1HJjj1iMJBhlCHFCoOoFnMgJ327_GZ
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame FECD 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEA261Wg8ePKf-t5ykY4s_38&google_cver=1&google_push=AYg5qPIZfK7w2ZJeXll_K4uFeHmrJOA88WPD3siplqCoko9gVjiqra_sZzcL_ITSuADc8DYVavHHjYZ5WlCGAI5Sxz6qMntmFd-i
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:08 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame FECD
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEOzaQEQFGV3Q9bqry_vc58&google_cver=1&google_push=AYg5qPLXmycJmofjIkmwccwrzlqvO6XVJxTf9HlUfwZ9zumQaB0XzCpH7I4EmkO2l6lsf8RQZygwM9Q-yku...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLXmycJmofjIkmwccwrzlqvO6XVJxTf9HlUfwZ9zumQaB0XzCpH7I4EmkO2l6lsf8RQZygwM9Q-ykuV64QbOUO2eaoodpnB&google_hm=t9Qp3BctSwe93YdxJBpCB7k
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLXmycJmofjIkmwccwrzlqvO6XVJxTf9HlUfwZ9zumQaB0XzCpH7I4EmkO2l6lsf8RQZygwM9Q-ykuV64QbOUO2eaoodpnB&google_hm=t9Qp3BctSwe93YdxJBpCB7k
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLXmycJmofjIkmwccwrzlqvO6XVJxTf9HlUfwZ9zumQaB0XzCpH7I4EmkO2l6lsf8RQZygwM9Q-ykuV64QbOUO2eaoodpnB&google_hm=t9Qp3BctSwe93YdxJBpCB7k
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FECD
Redirect Chain
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEO87WDGCqNWtq2IF_aD44wA&google_cver=1&google_push=AYg5qPL7LffR4YZfaUFkAavx2QVGpmAV0_fg6Ql_V8AJLlbx7hX0i7DWfbGfZH92DjBDJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPL7LffR4YZfaUFkAavx2QVGpmAV0_fg6Ql_V8AJLlbx7hX0i7DWfbGfZH92DjBDJJLICKCXmv9pKaci5_JZY37vw_PQFTOm&google_hm=QXowaTd1dnR1TVU3LWhucnpp...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPL7LffR4YZfaUFkAavx2QVGpmAV0_fg6Ql_V8AJLlbx7hX0i7DWfbGfZH92DjBDJJLICKCXmv9pKaci5_JZY37vw_PQFTOm&google_hm=QXowaTd1dnR1TVU3LWhucnppX0o3amc=
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPL7LffR4YZfaUFkAavx2QVGpmAV0_fg6Ql_V8AJLlbx7hX0i7DWfbGfZH92DjBDJJLICKCXmv9pKaci5_JZY37vw_PQFTOm&google_hm=QXowaTd1dnR1TVU3LWhucnppX0o3amc=
Date
Fri, 19 Nov 2021 07:45:09 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
pixel
cm.g.doubleclick.net/ Frame FECD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFddBrbOxb8ON55z7V3RgiU&google_cver=1&google_push=AYg5qPIZ9fp1Wj93Y3ubsr4ifxhOVhVBHDI-z0ZhOSNokHe86ftcpQ18vNq-t_nQvNpSJQsMduY...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1c2MlVRU0MtMTAtSTk2Qg==&google_push=AYg5qPIZ9fp1Wj93Y3ubsr4ifxhOVhVBHDI-z0ZhOSNokHe86ftcpQ18vNq-t_nQvNpSJQsMduYgh1ghLPmhRK2jJiS0ejDsNnI
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1c2MlVRU0MtMTAtSTk2Qg==&google_push=AYg5qPIZ9fp1Wj93Y3ubsr4ifxhOVhVBHDI-z0ZhOSNokHe86ftcpQ18vNq-t_nQvNpSJQsMduYgh1ghLPmhRK2jJiS0ejDsNnI
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1c2MlVRU0MtMTAtSTk2Qg==&google_push=AYg5qPIZ9fp1Wj93Y3ubsr4ifxhOVhVBHDI-z0ZhOSNokHe86ftcpQ18vNq-t_nQvNpSJQsMduYgh1ghLPmhRK2jJiS0ejDsNnI
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
pixel
cm.g.doubleclick.net/ Frame FECD
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
  • https://sync.targeting.unrulymedia.com/csync/RX-97d62b28-8c76-4c40-8100-f1b2c3a7167b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLgRSm3ywRefmNFNX0QX...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLgRSm3ywRefmNFNX0QXm2MnHfgqF0DBCmjCw4_VT3G8WG3uR2Q-WXPQlJ2rcquzMToZYxfAcPI4RZVpqXpuSrcuaFuctVo&google_hm=A5fWKyiMdkxAgQDxssOnFns
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLgRSm3ywRefmNFNX0QXm2MnHfgqF0DBCmjCw4_VT3G8WG3uR2Q-WXPQlJ2rcquzMToZYxfAcPI4RZVpqXpuSrcuaFuctVo&google_hm=A5fWKyiMdkxAgQDxssOnFns
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLgRSm3ywRefmNFNX0QXm2MnHfgqF0DBCmjCw4_VT3G8WG3uR2Q-WXPQlJ2rcquzMToZYxfAcPI4RZVpqXpuSrcuaFuctVo&google_hm=A5fWKyiMdkxAgQDxssOnFns
date
Fri, 19 Nov 2021 07:45:09 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX97d62b288c764c408100f1b2c3a7167b003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame FECD 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KT96C6IfSnSOrEoBbTUSimEfwY9uN1L-kZbh6aqwOTsOWZNsYq2e-tT32aOJjfZwQ3rhc1
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:09 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame DB7A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 21:27:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
37058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 21:27:31 GMT
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame 4143 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 21:27:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
37058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 21:27:31 GMT
img1.jpg
s0.2mdn.net/8247229/1636534337098/ Frame 1588 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8247229/1636534337098/img1.jpg?1636387100839
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5480a574ad434103747cce480c50a3d98afa99504cbc039dec615855d2c35fd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/8247229/1636534337098/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 14:40:15 GMT
x-content-type-options
nosniff
age
61494
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61552
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 08:52:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Nov 2021 14:40:15 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8DB7 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9nUPTgMMhhkOXv2X6jLsENqtqoXQhiWjK4rkUFuntmjlH1cwK6sD-yB9C6Nm6VvC1_WwV7HW2qkVQvL-ORzg7SerPiuJ0zeTjtAT1BN9z_HdkV_fa83NWz1CkV0yPRU5nYMq28gM__LRVzq_2cGKUoL1Btk5b3iBe7t7B27ccWE1yTebZNypAakQGuFWXVJtQsgXVZk8rCCIZ5IrjJRWspec1Oa8067AVmTudQfk9vT6POGs5-GmbaXk9lwKN7ATXIMzDdq-fp5ecHDITDHF_LrXyKE19MlzHBnTGUgUGiynyrN28exgZ5iJDa7BN5Ayi_ZjeBuTWo2mzFwVnO22CydCPle0WMvJysvVsrHIM1nsNlLxvDGjw3N8F3QVobC5nQl_8-CACZYoExnODzC9N0jlAY9XGV_a8953QQIG_hecDbQ9dy5h23sHM0guSAjr0ujfc9B_LMTZ714xWkpcfLVs4AAKlVSXIweaJ-6bi_lULfMzD56WijtB7ogokF9p9OsSs5oYVZzTo6IVXikxgu_oz_zCeP6dJxEw3S9YpI5C1jF2zo63wYNqo4zE2y37ZBRFWy5_nIlyr4IlpxoC6w1Jej-UxMP9zETNLDJKf-cz25DOMgvBXhIeSJ32pBx1fnMTF-krK7gw8WO1bMWfcrlYCIKOdv4HaQG6BcenjnuF4lCGND5pJv31Zk8gk3cY1AGo7FXaGDUEhO6nV-0p4BvGd-HRcL1BpW0CoqYcMzpKK8dBChvWt5RImsVUkd15wj8e9_3__C9TpiKszcD-rwuFLF3F0Y_mMIbw5dIMKehYoDTs2Z36Ypfk8OPSxYJrh7abqFZp_zkNriuesNsJ7LQazl2uaNi1ae_dsOTS9ymFUBFCpvaa2HrrsDHSJYxUeEO7c0YsnasDekagbJyGZOngpv8zK8vvY1AnnvcCNzk0UR9szV4tNH8EdV6CXHVfWWC4m6AWNY9mwgixRUzJnuQCWE0gsOXmY5zCg-1oxpU1pwwX2rrji9uPFMWMJEGYHjYul4RxyhVwFLAWmu40jx4ZmPW-Gg3lN4WOo2fF-oC7xwn50fbRbBwnwUxD7qz8LZckfi1_66CSWb1cIupgI5jLd96s7lFf2j6_IqwMp_SoljsxKNP6v16pMAfC1iHdV-TJp4fvRgr2YnQ7GhLMmv4xGFDvxSKZXUBqjMXY-eudRczeJmgg6ND_Mw4c&sai=AMfl-YQqGWpiHRbpWPwtNTPMyqK-3POkm_jLb8AZ8yoUBLzJmYhTsXo0RYWPN7gYru_GIof6pOKZAY7yyjg1N0YVRQJaCSOmh77u3cFnbur_8tdEh0FJ1qaNz1OatdUUUkiil1TSuppvaCZ1JAothTJ1uEvMmWlu5g&sig=Cg0ArKJSzPLAUfM6LuirEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=626&vt=11&dtpt=551&dett=3&cstd=73&cisv=r20211111.72661&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 07:45:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
server
cafe
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
img1.jpg
s0.2mdn.net/8247229/1635940847221/ Frame B0B1 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8247229/1635940847221/img1.jpg?1635508679703
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8b03e5a5fb935065ac62f39e7135508acd4d5497cef2800514734bfa542f21f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/8247229/1635940847221/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 14:40:42 GMT
x-content-type-options
nosniff
age
61467
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49334
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 12:00:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Nov 2021 14:40:42 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6522 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSYD3G0tyDN673kblRAm2KbQHIBZgKUOVWHoNLmBbW2EXxUyPHMNwQXSLH1S8nAAAJu8JN3HRtvJ1higDfbVt2aZrtB9Zd4cSGYq4nvOcGdVPoQcAm0nA1jUDqB6u0hKEBEAqecdRL6Jbtm_caOODaaKxvbfnFPHCaQrK-coPaC_zvOGP9ynN_3N1sgvLhpS6huEpNz-fVZ3LU9Q-Dlh_iPta9ACtL9s7yVnRUbpgXrPlDuvaSfcppumDB6E9i54-vF4GzcX4Bdm65hNtG8ofEH2VAfPxNgmMB3gXyQ2eqOgLja3VYRH7xS8T-FgKIW1a3WfMWG5OHlfmJMFo6SGpv2wKlyexNpo0iGQoScZF0HOV-3Puf4XN74_XB_gOmjPZFu73Ng6rIHszclhtQWn1cr5qK9IZwQTajtF3GCZKTSn5XZLg8YLwrL3pTiCE8boWdlWl1Dpbdj8DCVq5V_kIBMTdQSWKhCP8-CG36w7Ad5e7hvus-EgxPxav93vINe4ziqUz8zF6dWzNt8Q6uIZsNPvgwt6TfBz2o9NtehlHduEIIAYewRTrXwrWl_WVJfcU_QzRDZco0kSFZ7uaLD853SmXZYI1yccjm9daotju_MzcmbgXeATKMMfrf_f1iWonfyK_duh7b5HRnx45HsoJrOkDpkF7ptkk57CdAWNik28bEzMDa9l-K_9FXQP40jf2zW4TQpRC-UCUQBFNKN7pdtsE2qF0T9kypVwpbmUClY9MXouhaY-JGR6-hp5i0zn2MuG6_kAG-Kb37mzuZfF3D2h-SsYht2SiVHxplncIToGsUS6DLaGGdz_E6yvsj31ajEgxPrLZ7RwCAI0tHdH7gA3ZY1LQePJHToeq5kSY-aOtFLceuckGOuGBmKIyj7NXXIacVn8YG_aULRPq8q4s0UiU4GSDeaGBOUmqZ_DF3_YOyY_Q5gN0x_lNfQAZu2jyUHwOJUqrmvPY11gxQY3MqhX8AnwGa5AyyUMdCUsx5ooryK7_082Bt8auleeT8t901J-W0h1FGNUZH4J8-vSn1GvKQDPunOJY1N0oY6UKppmxfI1pOMSwD6YjqtXompJYhcdl8VqWHINi3lHcmjeA-RLuqCVArGleoGFPvKJqEOt4KPowZTXSykDPWrEoSjvDhvEt9HGoIj1WLdwk89HTL0vwxQ70dqGO3AzW9OQ_KduVj9zhzWn2Ma2zBeA&sai=AMfl-YRLeAPR8LptPZNllzGg9NttJEKZ4tvoji5bQAoSNcKF_UqiaaFXOxQiEz37JejyCPrKNY0_pQ7_oX1yvqhaKdBgDUM-NPEGlYrRMNBsFvqxrHYLOuVlc3L1y-SClLi2i8HaRthbV8Hmxl2sfcb5WIzRbW4yPw&sig=Cg0ArKJSzNK4cFEstC5YEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=661&vt=11&dtpt=553&dett=3&cstd=106&cisv=r20211111.58187&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 07:45:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
server
cafe
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
dt
dt.adsafeprotected.com/ Frame 8DB7 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=854720&asId=f314f16a-ec70-a3b4-c458-99c580feb9ef&tv=%7Bc:uoGlwV,pingTime:-10,time:562,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85NS4wLjQ2MzguNTQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1637307909563%7C%7Cc4d6fa40938776905ef7d62ab6843496%7C%7C9ceebc4ad83ababb94d4029b4dca4e66%7C%7Cad766bb1dabdbc8c0deb5fe2d9a53bad%7C%7C5b501de218d9a02a04934e86b0a3b326%7C%7C704601b90f3ecd7a84060233a1077bcc%7C%7C2ee696f3e2441af5140f0ba757b50ba2%7C%7C1eec354835448e928d74561c8a458a6e%7C%7C1629390669%7D
Requested by
Host: b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
URL: https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:09 GMT
X-Server-Name
dt40.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
pause.png
www.gstatic.com/dfp/native/ Frame D79B 		763 B
821 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/dfp/native/pause.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4ffcb380b93be8587df1adff939042b89c5b2f0329458df5f2f2a8c07123297
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 18:06:38 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
135511
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
763
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 17 Nov 2022 18:06:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DB7A 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYRZBBFaXYdWkMPWU9u8PtJyi8AQAAAAAOAHgBAI&bg=!PD-lP3vNAAZQLpa_UC47ACkAdvg8WvZO6BXBvNqlkh7fJtOyEhI51Th6DwXCgiYfkRmdGCiyAYvVEwIAAAH0UgAAABZoAQeZAwUn--elALwPu6jNTr1jHCxUV8Sna_ngPEwZ--Hs_H8bH5pA9ce4UtlaD5yNbDXVzQmCasFFU1DQepRbEoD1tnclYWdlE0s3oNTpexeI32tyfuYZPLzAQqdOe0CXzlJS3sjAXuRphbKEhJ28VYL3l95HSaWAKlr3hV9ZuMPhvWQgmp3uAU4w0xRvP0HwgCY4GGbL79l9rdpj1uWAq16f7euxMsHPLr0EiPxqyKoLYIUhbZldw8BygYcRYSnpQDDMTFMYMeV_DCy_Ha-L9JOuzzB78TtZ1KO3kkKcA8ebo2fZD00O_AxaPO2gbq8ReJWBPFNlzc75izFq2g-me_YtKYCQrApjMI4Hj7yCyQlCMksmv85lkx8_Zz4BdEQG9wwWVcBEbWC1vbqCPfUQfZjxCtARPDIbHG5nmofhDhEcK1kEHtNTb7CyJQtyXjJ0Ks5OSvYiykP74ta3igNqrrny22yBCoj3ANT8Ps1H6B5sVngsDgt4fDjG28bGwsoPRFGYkvjcP-QnPRYIKX9PbP--_oS824E2ogcZBZJENdvM2A0mT58f2wN8LrRCOq5lAUvUczxa8UXuDO-RdMTurPWv_WQ4nwSif_T-0TlRsY91MLFErb4CZAzZg9kHgaDJ9yRJeHTrKxC17OmBX4oNdiX2XXWWi2DONSK6aNnexD3cW6BwS1TxjnSB5wFEt2vhdXNW4vBfBJtExyLxOTOsmsVAJtpXKTOTU0GETVFEAgopfcYuiDdACFuzIxsU4mCgcZO24Wd4kByXjvg25colHCba6MxjluhZz0aBmdncp3W9njS2tUkoAaCi-DQUxw_QYdUj8mJhKQT1BFnlA14fFXB7pTL2-dvEgpPbxaqBVyObifKvfhh5KKs_MxXz_x4bLzOdV7guGVzOZRQ_WPQpP2fPK4frEZLEs2Nz5ueSG0hXUo_Y4Ba4BSVR9nM3c0ggVWRUoY5usH7BfxjofOMot9PEpP60BlYuexa1v_i0PUP33BzEJwJi0p848OzN617pcl71-Dz5trq0hQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4143 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcrnlBFaXYeCwMODC7_UP7qycyAQAAAAAOAHgBAI&bg=!9_Sl9LDNAAZQLpa_UC47ACkAdvg8WszWVX0Jypcs4ilBUygzMBeMz5pqWRcgblFn2y2ta9pTGRrWWQIAAAHeUgAAABNoAQcKAEJ-1i-j5hMqO2ZO6qDrU2bZlLHiR4OuEZqUGweLFQZee7en2x3LrsMrABcPnkVFB0dnJsw3Mzv1yS6jAwrF2l_aHiCZAyPfJKVFJxvODfe7SGpzLbDZ_603n2u8ULSwfigbamYaBZiODhRdXjtP6ZokoiqZu7DsXH8V3W-RI-y1B5FS2fDmt8uBjBRYHVy5rdy_VM2TWjNDrNaBmqwWJjdatwpGf796iy8SgLVsefwM2zbqrcznsw6GjO5m1VLHitcFbJ7_vXTgwbQUEZaSvX_pAIjOpMYPlWLb3Mjix_G7sZRQZBoFuUcUW5Oxhk5AXWjWEHpeEUx0vlhJBNf8Xxu92S5er_VrnLZ-Z5umvUX9jCvNOQpIe8nvhZ9viddOEyg-Bo2Y0hmx1QVfy0scNiZuBiBEx0TTI8GpMMGSwwkhLDpN2bJN4OISJdu5NFKecgH3cp1DeLInSITdSPBjZqNlo4AomCdWxIhU7ZMOpqfiW-XtHrdqn_vq6m-JlWLvOS5ehyc6jLNbPXiS7FtVabvDipvZ7fAVXLEerHN7nkCyJk8jPReQQo7zt_JmYFe1qolrUoeDyaTYCiSkUbOpM2ofkrIJKBRHgJ2-S-6PQBfuvBbBMsEzkx3RYDZyK-LunncIgH6Y9IgOMZ9NPcxT8NzkQu7V8YAGkv_34IMTozYYoW7zh5-bm1osT_eA1YZXCUjeJeh2G6vWVn2uuERSg2A5g_KsJtBuspg6smfBbbHI3_F8XOg5nZno4tVqDjV1aTmolRxIIuild65I91dstDwYIzdqZkIFzVdcpHfuy7NS5uIFGkVpZRHA3sTFLzNSQY_27-k1iCUSYCelqtqBWHAcxYzT06aAXNZK0YGES-M19nv5PvtJw0V23heFqy9egtDbNvUSFxhG-0WSMC5XhSIcWmDqv7PRxh1LbpX85cl--LYNYVCfFEZdbvh7Dfy2EXUW7qlywrrgWCMb3wXP30FtssannONsR0cF01veoTpibDT84CDxK7R-RDX16CwadUN17EVVyh28NSsQsWiT1AibsgSFSRFGkIWF8dei0lv4K2iy_iW56fTcsIBuavwAKnll5544QKzq2Om9wtekcU4dcUPnijZkmH96t1P3aGOnBky6BfIgH_zXJiuZZw781TkaNRb9gNHlAg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 6522 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=854720&asId=b53b5bfd-8554-900b-47cf-d7bea899c77c&tv=%7Bc:uoGlDF,pingTime:-10,time:934,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85NS4wLjQ2MzguNTQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1637307909563%7C%7Cc4d6fa40938776905ef7d62ab6843496%7C%7C9ceebc4ad83ababb94d4029b4dca4e66%7C%7Cad766bb1dabdbc8c0deb5fe2d9a53bad%7C%7C5b501de218d9a02a04934e86b0a3b326%7C%7C704601b90f3ecd7a84060233a1077bcc%7C%7C2ee696f3e2441af5140f0ba757b50ba2%7C%7C1eec354835448e928d74561c8a458a6e%7C%7C1629390669,sca:%7Bspg:f314f16a-ec70-a3b4-c458-99c580feb9ef%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:10 GMT
X-Server-Name
dt40.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0FDB 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 19 Nov 2021 05:54:02 GMT
expires
Sat, 19 Nov 2022 05:54:02 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
6668
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame EF26 		783 B
1005 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ca7c81d8dd33c3cda776c3767bf1ef4254bdc97829b8cc788b474b3822b1584d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7bwbMR6FRQh31ZFWJJz7UQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 19 Nov 2021 07:45:10 GMT
date
Fri, 19 Nov 2021 07:45:10 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-7bwbMR6FRQh31ZFWJJz7UQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
516
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame 0FDB 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 21:27:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
37059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 21:27:31 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EF26 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111501&jk=2667603799827808&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
dc_oe=ChMI7b_Iovej9AIVyWYbCh0-bAp1EAAYACDE4ZxKQhMIhOD4ofej9AIV_d4RCB2DyQyM;met=1;acvw=sv%3D20211012%26cb%3Dn%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%...
ade.googlesyndication.com/ddm/activity/ Frame D79B 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7b_Iovej9AIVyWYbCh0-bAp1EAAYACDE4ZxKQhMIhOD4ofej9AIV_d4RCB2DyQyM;met=1;acvw=sv%3D20211012%26cb%3Dn%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D0%26bt%3D0%26pst%3D1%26dur%3D10368%26vmtime%3D225%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D836517100%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dxdi%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1637307910095;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame D79B 		42 B
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CidYEA1aXYcTSO_29x_APg5Oz4Ai145yDZuzuu7jaDvAuEAEg9drLGGCV4pCCoAfIAQapAiRKBxJ9DLM-qAMByAObBKoE_AFP0IzrPtVtHzOUb2KCcvx2NIbgkjouABis5OebMqfaCHbactsagDucm2C_muNjJG_JA2--DARB5plkvZHknN7g8vJ9JHK4rsx0pQRKaf9rVHG1pk9x663MVx2CA24T6J-a1Uc7iWT5TytbUJ1hqu1_4TUy5eYoPVIysdKLMVvkkmEf6UDGrP9oTMvHF_cJqAvq7X34mwLWFuGrndu59FCqaL85BvCq3ONT3DugJ01xwtVjfsbX0MpQ1SRFROOlLngANvZbu97-wONwiUGi3cCmUsT6tr4sRjk9grI1sKBoVGfG77vw--QxniOeEDSuprbOJVnJbff_3AklUPHABIHzt8zLA-AEA5AGAaAGN4AH-b-YYqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAdIICQiA4YAQEAEYHbEJMcj7WXDBTuCACgOYCwHICwGwE5HB5ArQEwDYEwOIFAjYFAHQFQGAFwE&sigh=FsYEvg_FwdY&label=part2viewed&ad_mt=225
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D79B 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqdemDGFsMPIJhMfMH_xNiicUNYKcuiRtq_IQ47he-EY6pc4Wgbz1Ep8ekvuT5m3PXgKriuV0__naPkzy4YnjBnYMjQMaZ6Hbos1DEjhgARdW4TCEFRUiW3s26C7FUt5Ersq7zarWB5e4wHhmhs7vo4LQ&sai=AMfl-YRfBh23B46gup53KUq9BxRb1Q9raVtl-QYNmeAHrkq0pkrzjndVOj17utDDG2Oq0vuqNMGQ15XvqWPC6eSWJeQhFulsYY4pmJ0&sig=Cg0ArKJSzDwbPHP6GaAJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 07:45:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
server
cafe
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
/
ad.zanox.com/tpv/ Frame D79B 		8 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.zanox.com/tpv/?45534115C1609939955T&zpar0=dbmna_vid_audtsh_b_pv
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.216.249.67 , France, ASN47268 (ZANOX, FR),
Reverse DNS
Software
BigIP /
Resource Hash
8f234bf4323fabaa02d627f4a633652ea5bc6d5323fd528b7c12ef3b6f57b6b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection
close
Content-Length
8
Server
BigIP
pixel
googleads.g.doubleclick.net/xbbe/ Frame D79B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhDRyVUYoZrJsQEgATAB&v=APEucNXNfs4Dsn0NL_ZNkUcMgxvhp56v04T8ku98ymTIjjKERsK8P17Mz_pMQpnvpYYWJhAH2IC3WVYmXCXXPgeXqSMfss506w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
ad
googleads.g.doubleclick.net/dbm/ Frame D79B 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-An9dnE-eABh1S5vc_gEncoQ5HaEjzcEFB6mhDuQti-NBO7kE6j0MKf9fJ98J7yTYlfdfUjSyEE4fTr36qSV4VYKyLFBAr4vg26suRpA3O4L-rit0gSzJwa6y89sJsoB86hARvkTjvb00Vrziko6eIgyYxDmA&dbm_d=AKAmf-DiNXDiu5RvcCQbICqknpAWPEX0dkopzfu-dX8COos9G6yyp3jT2myg4fzHcCdh325fKNVPWyfUVHIuDKv3L2O9IPRc5pUTLGrbFdFD2AX6XIKo_oA4N9X0rkOHzZlb778Q1DVQpEE9VfVpSRadF5o4EOpRwuap6UeBPA9ROTZD-4MMOo0FIRQSSQzIarVUy7Ez5Rk9-zIab-FzdnNdWFX79fgYNXW0nq_b0Ls40QxC74XVtLYZbIQ19nofn5iK20xfGcSup4xmURo_RLG5_VSPPgySsVjJVIiAf3sG5AL735dY896fr14YpPg3M-28Ae8t0K-UbwaVAc3MxriKP0RwW_wbcX-goJ882mFlhHEkY-5NGEfaIsioqwOjEjhF0PJTVIOXNnZ-l3XCFgBPzqccSSCKAVzU1nYU2VknhQq3dOpA3HeSI-hS-jf1UPt_5qXJwSd3WDsTeyYirGSjkmPMHapGkmc8F4a9XPsoRbBL4Wy0oouxuXlE_ppMWKy9mBp7faKT0u23e85k8NS7rqqCUdMPs9G_rO_DzhUHg7aZGJ3-XYUYcdV36vPmwoAsdpR93HCaD0s1NAJrw8oneqiKtjKznmSYIwXOTwrJuulp4C3HuNxPUWiTN0bseBaj-it3JIm5ZAYxAsYBiW1OJPE1ToEDijrWcjmfAW67IZi8PE3jzh4vO0bGfcZOCSrJPqAc6XpSPNsD1dYlaOIGkCVv-xwAqp7gIAsFMPAWvz8pudx5V30TxjnL_BlikfKqnIohaEZjjbtBBBOn4ZfZxi-da4Yz31vs-s_hlPec5grVdXy4FccbJ0PWulul3p87OfQKsofKD1jG6DWo9AtVKQ8RiQUe3CM1GWXLaHLIbZiKGCEH0NeTyEJ4mfXs0-0cNErEQyucDX5nWXG7HeYDAZtwrVLDL_XftuPYNczhYOZj8stLaknOZzU1jDB0T12WBiv6FLeLu9-s9Ny3G8gSYkR-eZj7G3CSr8BcTRkfG5CHQrtNvzv2AQMHJpk5WomPl-Ym202_xZ24gzOkL02QkPoAabB7BiH_CSNr22oSiASTHY3Rhr3oQx4-p4I-b25vSSLG1ZuNfM3uqmT6ZPEQyg39sXm91kD16ZM9P4J8LNV919diabJEXwXU22GUtIfy_ucqIZsRrbUSzKcqj1-94z-AC2pGgobnCc_mDvwWgsnpc7eA3q3T4KccTDpV7TXXFQ-3ykLera25Co7j_fHm2OpFfJ1JxfLAF9AO_xW6cfDWaAe4TU3FbKMOCH86EylP5StRJs376f4KcTHy4uBcqFLlZe674TAYg0TTbheTC4zaKwsDtDGjuouCWrhYhjtbfpeTxwvUkXMGEWBNAgql_ydpxKj5cmRJ0KiTiuQVoGBLHT64W9AJzx4GJTuX1xegog6An46jPTZH7i19jKL7o3PO7_dvSBlyhykQqHa24czrlk5AAN-EdDlUra6HUNJh4CcoQJgETYdDXmSxFmNTw2TRirZ13k_f_VKqVafBiPLdyA7yxE2vA4XQwnd_7g31pJCdzYNOhesSTx_OYuNsFsxquaq67B8uozH1jA6GJQHdVYiwW1UsOYF9EF_0PLAL-VnhO2GJDwr8Slk4Vd5nA8Pj5RDaBQNHZa028w_6xA9rLkBwZoO2AFk4ChSD9DNcsLDhYJFr1DKGsr13wO3iIvR6AlyOGvZuQ1PJiG4IQ7jyHpUU31vRKbz5yR5YUrW0fERP-TbZEnoGNks8Zcl_o-yJPEJLS5GTLErednTKPL-XAiM4D8cXspO77AkCRZlqvHY7dSXESefuUNB4Svgs8PCSu7LyrXC8pZ2tOMR6EylXPZ0g40TeNHf2S98L3yVLNRTVvAydhTWzW-kH7j2JqCZ9VsFeXUmq4s0v-CZVjA9QK3N80zVX_cJWvWsz-QbxSBBhOiBFES9ituF5SyqFzwzO7Ym7fE7D5vvalsbNvekQ2YUJBKdYyF375JgxUxS6O63HZ9EJyWJwHUiAt51lxi4VHr6lf6wwsuI6GHjAvckC4blIlc0twa1GTkdeM3y1IaaRSmiKS9ezc8rmXiW7XtXFp04yIlwwSH_uqmCk0VTvQ34nW-ASP298XG6d6yG8QIws4XqP_FQyy0iW8T9fLAINScpqF4y4HxLXY2_t657cRnZaYBLjUG-RaqJeZQ86ZxsxP-L84pMZDb9XWGV7QvQhJhA3Puo7tON-e7BZD6hdUWqvnVyEdXenvYMHqeZqXjq6RS9xvbmSTFZfXFwOlf6YZjKwdgmaUJVVznIaJBsEpEgcLay9AZNJibIHJDssKY0m_gvWnS7LJo8VcQa-2Mul-Tuepl7YZLQ4FaZfkZxB38Ip4TYQtaZeJAUDER7NAFA9H7RX44xddj2MvIHvpaIFg2rXz9LiK7MXdlwVjSKca8ojPE0WgcEJBgH5DqKD7SfqqHAe-NKGSmZ2N68pzRIHJsukaVKn_iqozC4HKBEBUtnMbQ5-qsnrCmUPJgWvoGNsa3ARn3_Zl7YexY0ClBquGO84cOJFqJ29g6o5rCpSnZe2hiBiVkkpFteFY3EdY4nlPNPn1_sH0W1DbBQYdjHUxFlBpjDkpkHIH-cpec-oVISg3TAxn3QdcSa9SqMTdl5_HRxLIspih9ePJ_LuSEFDLtdpgOaaQw6_nCQK6DAZqoL7tkgv4gzCuCaN_RGAkBhF84Aj-FuVZKYa2kI2rvDzZMkUc9KTpk-yd57MDmBGwQFw1P4fDCj5gjez0Dwxwcf2uXX6GEuXGvN1QtnR2lmMMm4SbgK7MbSBDhvYDYF023U6GQRoAN9EP6rZ5gy0W60Rw27WNS0h45fihA3XR3upKnSUI1mCZTDdUlB9xsh-wYSb-vO4_9ETDE0bI1YbnY1siXXc03Zd6ZkdkgUCcgU6-jmVwHvjKRfIRFNytv_8ttCRCNQmXO1i6ju1ThyaitmLBd3FSl2eToqGW8YDV_NziAGP4NfwUxLJwlXBVKHtVjkhtLfb-vSBqId2ypUF0ASJXoyR&cid=CAASEuRorznpj6H869oJSkzOfiSSqg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postview.gif
portal.blau.de/nws/img/ Frame D79B
Redirect Chain
  • https://as.ad4m.at/ad/tai?a=162158&b=1&c=3&d=1&e=775&f=&g=dbmvidnat_Pros_Samsung_A52&gdpr=&gdpr_consent=&gdpr_pd=
  • https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=viewoneid3P4tpf4fmGErt7HqtXHEt994aPSztZfdoneid__dbmvidnat_Pros_Samsung_A52&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=viewoneid3P4tpf4fmGErt7HqtXHEt994aPSztZfdoneid__dbmvidnat_Pros_Samsung_A52&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2021111908451058891470629X117667V1225131106MSviewoneid3P4tpf4fmGErt7HqtXHEt994aPSztZfdoneid__dbmvidnat_P...
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117667_-HTLP&utm_term=AFF_la_117667_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20211119084510588914706...
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117667_-HTLP&utm_term=AFF_la_117667_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021111908451058891470629X117667V1225131106MSviewoneid3P4tpf4fmGErt7HqtXHEt994aPSztZfdoneid__dbmvidnat_Pros_Samsung_A52&wfid=117667
Protocol
HTTP/1.1
Server
82.113.101.236 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.blau.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 07:45:10 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Fri, 19 Nov 2021 07:45:10 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117667_-HTLP&utm_term=AFF_la_117667_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021111908451058891470629X117667V1225131106MSviewoneid3P4tpf4fmGErt7HqtXHEt994aPSztZfdoneid__dbmvidnat_Pros_Samsung_A52&wfid=117667
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
dc_oe=ChMI7b_Iovej9AIVyWYbCh0-bAp1EAAYACDE4ZxKQhMIhOD4ofej9AIV_d4RCB2DyQyM;met=1;acvw=sv%3D20211012%26cb%3Dn%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0...
ade.googlesyndication.com/ddm/activity/ Frame D79B 		42 B
683 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7b_Iovej9AIVyWYbCh0-bAp1EAAYACDE4ZxKQhMIhOD4ofej9AIV_d4RCB2DyQyM;met=1;acvw=sv%3D20211012%26cb%3Dn%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D0%26bt%3D0%26pst%3D1%26dur%3D10368%26vmtime%3D225%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D836517100%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dxdi%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1637307910095;ecn1=1;etm1=0;eid1=200101;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D79B 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstj-xH1KOntW7pdjDgdszMdLWAvvPLvQsiuO0_ZF1uEIrQQ4vZUgLYjF_3tjT9QP1mntagH4Q08sLLWMG8MLv0H6De5rIA97rReMdGG&sai=AMfl-YSs5FpUykN2Za69UKNEgmLZU1T4O206mEOZDLPFkUHCq8OxDw9QOO_7yC2mdpjWBqqeo63CaRYnqzrvn07oiAfD25mVjLTqdhu8nqsxPJhpmT-g06eA7pKDYmM&sig=Cg0ArKJSzBVgWRW5eJHVEAE&cid=CAASEuRorznpj6H869oJSkzOfiSSqg&id=lidarv&acvw=sv%3D20211012%26cb%3Dn%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D0%26bt%3D0%26pst%3D1%26dur%3D10368%26vmtime%3D225%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D836517100%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dxdi%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1637307910095&avm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame D79B 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CidYEA1aXYcTSO_29x_APg5Oz4Ai145yDZuzuu7jaDvAuEAEg9drLGGCV4pCCoAfIAQapAiRKBxJ9DLM-qAMByAObBKoE_AFP0IzrPtVtHzOUb2KCcvx2NIbgkjouABis5OebMqfaCHbactsagDucm2C_muNjJG_JA2--DARB5plkvZHknN7g8vJ9JHK4rsx0pQRKaf9rVHG1pk9x663MVx2CA24T6J-a1Uc7iWT5TytbUJ1hqu1_4TUy5eYoPVIysdKLMVvkkmEf6UDGrP9oTMvHF_cJqAvq7X34mwLWFuGrndu59FCqaL85BvCq3ONT3DugJ01xwtVjfsbX0MpQ1SRFROOlLngANvZbu97-wONwiUGi3cCmUsT6tr4sRjk9grI1sKBoVGfG77vw--QxniOeEDSuprbOJVnJbff_3AklUPHABIHzt8zLA-AEA5AGAaAGN4AH-b-YYqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAdIICQiA4YAQEAEYHbEJMcj7WXDBTuCACgOYCwHICwGwE5HB5ArQEwDYEwOIFAjYFAHQFQGAFwE&sigh=FsYEvg_FwdY&label=vast_creativeview&ad_mt=225
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 8DB7 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=854720&asId=f314f16a-ec70-a3b4-c458-99c580feb9ef&tv=%7Bc:uoGlFZ,time:1124,type:e,im:%7Bpci:%7Btdr:1009%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1124,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1118~0%5D,as:%5B1118~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:243,fm:sPc57WH+11%7C12%7C13%7C14%7C15%7C16.854720-58245028%7C161%7C162%7C17%7C18*.854720-58245029%7C181%7C182,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:10 GMT
X-Server-Name
dt40.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 6522 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=854720&asId=b53b5bfd-8554-900b-47cf-d7bea899c77c&tv=%7Bc:uoGlHd,time:1154,type:e,im:%7Bpci:%7Btdr:1020%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1154,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1147~0%5D,as:%5B1147~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:100,fm:sPc57WH+11%7C12%7C13%7C14%7C15%7C16*.854720-58245028%7C161%7C162%7C17%7C18.854720-58245029%7C181%7C182%7C183,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:10 GMT
X-Server-Name
dt58.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 6522 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7o4w2fCLM-x8H08a7aK09qdJOicGLjdOkM4cuD2dWZNLQit1Y5_-EyqUe1dKmPatoFW_FV6o-K_yrTb7X4GaU_XpcmXK8_pp546i-hX8Ukn7NE5xG2Q&sai=AMfl-YTwtp3fNHtZZd_59BoMHBTcrH3SKwGMUEeX11dBlUXx7BpR2igWAxiMXrp5ISyzu6t2axgdeIW_KLwz-JAgO1R8ufJJwwkxhFn6SOCnRKiyFSxy4xf5zoIpM4U&sig=Cg0ArKJSzOHN9dSTbzjlEAE&cid=CAASEuRomuhOHNnnErAoul-uWYT9qg&id=lidar2&mcvt=1001&p=1110,436,1200,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4249682862&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637307908325&rpt=872&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111501&jk=2667603799827808&bg=!p6SlpODNAAZQLpa_UC47ACkAdvg8WnAdeKlMrkTw4UL8EOdJR2ENm_zf1HBWei7yeIyV-HWMd-PVhwIAAAB_UgAAAAtoAQeZArSfO_CdTxC4ef8pDj8yJSQucFYdmDDdwSk0aSaBJoV86yoTMW27uYT_DnyMM8SHBPP_TL7x3sHWZ4phoQHDNi8fSftuFqfVvXlfA5JCQCNxd-oSgt-iXRG6WkL6PTu9j8B0ZKmpdqYoGvW9tayl_daQuXizLvELZMgVVBub5Szh-a9WIoL8SefDiuiDEDWiOIbNOzgW7OeFluUV1mw02y57n9ztIwBOJFQyNzJbLU9Exd5AeTfeIzC0-7XyzKH8B4ofFUq-0HXNAbWvbii7nXuZ7IC4SmMquuYSMlgRa4I7iLFsFmBOEGm7uxPVX4QD97EeXwX1_Ev9Ab2poHPB1ZrxSZX3JNcXfPtsGxyrTPDq6a09OlUOFj7EelBFIFRLEJoqF1gEqOxpcETN9fHvZ6E7V6tACpmPVGBvA6IsHDKx7rDa-6o-nEFwU8Wvn6xcaKWhjxq8Kxb6jK2gP9uk22Z-JZDZ6PDapG9p1dE6DNOZ_M1sqvuX-tH-4ZoSzsFNt88uBT9apu5vQEs7aw5ChRaI9wxk1Nj9-I54jUlrlNzRaNbNQG8kK-ZXeoDq2vJ0RsRMP8mIwcZz31Vso187CUCdQbOPxKSVk5NhsK991DUw22BnBMGDrnUFOFxfAWu58PExhHv59oYK9ElyJC5fiK3vqolil2XOVui-rwY49H7e_Gi6CsxVGtwwaN6LYbndF0hPyj9mtK_xgQEtJy9NVRuiNOq2Qwk6jEgAEGEp8C7cVpMuTw8jMXxwqSbBmwAr2wqdirUObhd_kYOnkCbPvAHcP41TwhqHM4dLUYBOw7_tu8TB2C70Cf-qznTb4AQniDJBLAV9GI0uWYmVSD8k8ldSh7UfWLqn5d04Rgxfqq4-ABX_8v8ndJ-CWZ5Me-P-AuRflgBAxp0TQk-ajRXbhOPksMvcAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame BA42 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 19 Nov 2021 07:45:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 3102 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 19 Nov 2021 07:45:10 GMT
Connection
keep-alive
checksync.php
contextual.media.net/ Frame 3BDA 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUP91F1X&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
57135155850347263414491e47458e89263391c100945db0882f9cbd32916a50
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Sun, 21 Nov 2021 07:45:10 GMT
date
Fri, 19 Nov 2021 07:45:10 GMT
content-length
7788
beacon
ap.lijit.com/ Frame 0450 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?gdpr_consent=&informer=8162798
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/

Response headers

Server
nginx
Date
Fri, 19 Nov 2021 07:45:10 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap3ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 81FC 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158492&gdpr=1&gdpr_consent=
Requested by
Host: www.kanyetothe.com
URL: https://www.kanyetothe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.kanyetothe.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=70735
expires
Sat, 20 Nov 2021 03:24:05 GMT
date
Fri, 19 Nov 2021 07:45:10 GMT
vary
Accept-Encoding
csi
csi.gstatic.com/ Frame D79B 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=7~kw62usbn&c=7043254568004&slotId=3521627284002&qqid=CITg-KH3o_QCFf3eEQgdg8kMjA&fb=web_video-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=527&mt=video%2Fmp4&vs=1024x576&dm=10000&event_name=first_play&asset_bytes=59414&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=13&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=5&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.kw62uswq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:10 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame BA42 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4b6a53bab3a884773b8f17518cf726fbfc8f4caf4d7870f519921bf76bc9728

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 07:45:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=80725
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9511
Expires
Sat, 20 Nov 2021 06:10:35 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 81FC 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6178662&p=158492&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158492&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:09 GMT
content-length
0
vs.kanyetothe.com
e.deployads.com/e/ 		2 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.deployads.com/e/vs.kanyetothe.com
Requested by
Host: tags-cdn.deployads.com
URL: https://tags-cdn.deployads.com/a/vs.kanyetothe.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.196.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-196-50.eu-west-1.compute.amazonaws.com
Software
Jetty(7.6.12.v20130726) /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.kanyetothe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 19 Nov 2021 07:45:11 GMT
server
Jetty(7.6.12.v20130726)
content-length
2
content-type
text/plain;charset=UTF-8
v1
ads.yahoo.com/cms/ Frame BA42
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=1
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KW62UQSC-10-I96B&sigv=1&esig=2~44e22c7b457df6a55507c2077680d3868dc0da93&gdpr=1
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KW62UQSC-10-I96B&sigv=1&esig=2~44e22c7b457df6a55507c2077680d3868dc0da93&gdpr=1
Protocol
H2
Server
2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 07:45:11 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KW62UQSC-10-I96B&sigv=1&esig=2~44e22c7b457df6a55507c2077680d3868dc0da93&gdpr=1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame BA42 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame BA42
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/jlfp5JGPG1Bhnlz8mqZmzsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3354772849934671772
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3354772849934671772
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

date
Fri, 19 Nov 2021 07:45:11 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3354772849934671772
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame BA42
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEJYGvpvb528hIW-kWCA-x4Y&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEJYGvpvb528hIW-kWCA-x4Y&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:11 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEJYGvpvb528hIW-kWCA-x4Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
709414.gif
id.rlcdn.com/ Frame BA42 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame BA42
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWFlYzczZWFmMjRiMWJlYzc1MDgyYzQ5M2M3OGQyMDQ5ODg1Y2FlOQ&gdpr=1
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWFlYzczZWFmMjRiMWJlYzc1MDgyYzQ5M2M3OGQyMDQ5ODg1Y2FlOQ&gdpr=1
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:11 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWFlYzczZWFmMjRiMWJlYzc1MDgyYzQ5M2M3OGQyMDQ5ODg1Y2FlOQ&gdpr=1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame BA42
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1c2MlVRU0MtMTAtSTk2Qg==&gdpr=1
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1c2MlVRU0MtMTAtSTk2Qg==&gdpr=1
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:11 GMT
server
HTTP server (unknown)
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1c2MlVRU0MtMTAtSTk2Qg==&gdpr=1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame BA42
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=1
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5dfd6197-5605-4700-b8b2-bcadb2fafa8d&expires=28
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5dfd6197-5605-4700-b8b2-bcadb2fafa8d&expires=28
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

Date
Fri, 19 Nov 2021 07:45:11 GMT
Server
MT3 4103 f8fad19 master cdg-pixel-x8 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5dfd6197-5605-4700-b8b2-bcadb2fafa8d&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 19 Nov 2021 07:45:10 GMT
dt
dt.adsafeprotected.com/ Frame 6522 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=854720&asId=b53b5bfd-8554-900b-47cf-d7bea899c77c&tv=%7Bc:uoGlZl,pingTime:1,time:2278,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D,%7Bpiv:100,vs:i,r:,t:1274%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1004,o:1274,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1267~0,0~100%5D,as:%5B1267~728.90%5D%7D%7D,%7Bsl:i,t:1274,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1004~100%5D,as:%5B1004~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:90,fm:sPc57WH+11%7C12%7C13%7C14%7C15%7C16*.854720-58245028%7C161%7C162%7C17%7C18.854720-58245029%7C181%7C182%7C183,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:11 GMT
X-Server-Name
dt58.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 6522 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=854720&asId=b53b5bfd-8554-900b-47cf-d7bea899c77c&tv=%7Bc:uoGlZm,pingTime:1,time:2279,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D,%7Bpiv:100,vs:i,r:,t:1274%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1005,o:1274,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1267~0,0~100%5D,as:%5B1267~728.90%5D%7D%7D,%7Bsl:i,t:1274,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1005~100%5D,as:%5B1005~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:90,fm:sPc57WH+11%7C12%7C13%7C14%7C15%7C16*.854720-58245028%7C161%7C162%7C17%7C18.854720-58245029%7C181%7C182%7C183,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:11 GMT
X-Server-Name
dt40.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 6522 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=854720&asId=b53b5bfd-8554-900b-47cf-d7bea899c77c&tv=%7Bc:uoGlZm,pingTime:1,time:2279,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D,%7Bpiv:100,vs:i,r:,t:1274%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1005,o:1274,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1267~0,0~100%5D,as:%5B1267~728.90%5D%7D%7D,%7Bsl:i,t:1274,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1005~100%5D,as:%5B1005~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:90,fm:sPc57WH+11%7C12%7C13%7C14%7C15%7C16*.854720-58245028%7C161%7C162%7C17%7C18.854720-58245029%7C181%7C182%7C183,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,metricId:publ1,cmr:t%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 07:45:11 GMT
X-Server-Name
dt53.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dc_oe=ChMI7b_Iovej9AIVyWYbCh0-bAp1EAAYACDE4ZxKQhMIhOD4ofej9AIV_d4RCB2DyQyM;met=1;acvw=sv%3D20211012%26cb%3Dn%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D22,5,186,296%26tos%3D2012,0,0,0,0%26mtos%3D20...
ade.googlesyndication.com/ddm/activity/ Frame D79B 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7b_Iovej9AIVyWYbCh0-bAp1EAAYACDE4ZxKQhMIhOD4ofej9AIV_d4RCB2DyQyM;met=1;acvw=sv%3D20211012%26cb%3Dn%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D22,5,186,296%26tos%3D2012,0,0,0,0%26mtos%3D2012,2012,2012,2012,2012%26amtos%3D0,0,0,0,0%26mcvt%3D2012%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2214%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D0%26bt%3D3%26pst%3D1%26dur%3D10368%26vmtime%3D2441%26dtos%3D2012%26dtoss%3D1%26dvs%3D2012%26dfvs%3D2012%26dvpt%3D2214%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D836517100%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dxdi%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2012;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1637307910095;ecn1=1;etm1=0;eid1=200000;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D79B 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstj-xH1KOntW7pdjDgdszMdLWAvvPLvQsiuO0_ZF1uEIrQQ4vZUgLYjF_3tjT9QP1mntagH4Q08sLLWMG8MLv0H6De5rIA97rReMdGG&sai=AMfl-YSs5FpUykN2Za69UKNEgmLZU1T4O206mEOZDLPFkUHCq8OxDw9QOO_7yC2mdpjWBqqeo63CaRYnqzrvn07oiAfD25mVjLTqdhu8nqsxPJhpmT-g06eA7pKDYmM&sig=Cg0ArKJSzBVgWRW5eJHVEAE&cid=CAASEuRorznpj6H869oJSkzOfiSSqg&id=lidarv&acvw=sv%3D20211012%26cb%3Dn%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D22,5,186,296%26tos%3D2012,0,0,0,0%26mtos%3D2012,2012,2012,2012,2012%26amtos%3D0,0,0,0,0%26mcvt%3D2012%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2214%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D0%26bt%3D3%26pst%3D1%26dur%3D10368%26vmtime%3D2441%26dtos%3D2012%26dtoss%3D1%26dvs%3D2012%26dfvs%3D2012%26dvpt%3D2214%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D836517100%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dxdi%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2012&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1637307910095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI7b_Iovej9AIVyWYbCh0-bAp1EAAYACDE4ZxKQhMIhOD4ofej9AIV_d4RCB2DyQyM;met=1;acvw=sv%3D20211012%26cb%3Dn%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D22,5,186,296%26tos%3D2281,0,0,0,0%26mtos%3D22...
ade.googlesyndication.com/ddm/activity/ Frame D79B 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7b_Iovej9AIVyWYbCh0-bAp1EAAYACDE4ZxKQhMIhOD4ofej9AIV_d4RCB2DyQyM;met=1;acvw=sv%3D20211012%26cb%3Dn%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D22,5,186,296%26tos%3D2281,0,0,0,0%26mtos%3D2281,2281,2281,2281,2281%26amtos%3D0,0,0,0,0%26mcvt%3D2281%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2483%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D0%26bt%3D3%26pst%3D1%26dur%3D10368%26vmtime%3D2710%26dtos%3D269%26dtoss%3D2%26dvs%3D269%26dfvs%3D269%26dvpt%3D269%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2281,2281,2281,2281,2281%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D836517100%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2281;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1637307910095;ecn1=1;etm1=0;eid1=960584;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame D79B 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CidYEA1aXYcTSO_29x_APg5Oz4Ai145yDZuzuu7jaDvAuEAEg9drLGGCV4pCCoAfIAQapAiRKBxJ9DLM-qAMByAObBKoE_AFP0IzrPtVtHzOUb2KCcvx2NIbgkjouABis5OebMqfaCHbactsagDucm2C_muNjJG_JA2--DARB5plkvZHknN7g8vJ9JHK4rsx0pQRKaf9rVHG1pk9x663MVx2CA24T6J-a1Uc7iWT5TytbUJ1hqu1_4TUy5eYoPVIysdKLMVvkkmEf6UDGrP9oTMvHF_cJqAvq7X34mwLWFuGrndu59FCqaL85BvCq3ONT3DugJ01xwtVjfsbX0MpQ1SRFROOlLngANvZbu97-wONwiUGi3cCmUsT6tr4sRjk9grI1sKBoVGfG77vw--QxniOeEDSuprbOJVnJbff_3AklUPHABIHzt8zLA-AEA5AGAaAGN4AH-b-YYqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAdIICQiA4YAQEAEYHbEJMcj7WXDBTuCACgOYCwHICwGwE5HB5ArQEwDYEwOIFAjYFAHQFQGAFwE&sigh=FsYEvg_FwdY&label=videoplaytime25&ad_mt=2710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 07:45:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al function| perfMark function| perfMeasure object| lazySizesConfig number| LUX_t_start number| LUX_t_end object| XF object| dataLayer object| googletag object| deployads object| California object| adConfig function| $ function| jQuery object| Mustache function| Pikaday function| autosize object| $jscomp object| webpackJsonp object| lazySizes function| checkDescriptionExistence function| hideDescriptionContent function| resizeDescription object| store object| regeneratorRuntime function| trackValueToFollow number| secondsInMinute number| secondsInHour number| secondsInDay number| secondsInMonth number| secondsInYear function| getTwelveHourTime object| anchor undefined| redirectAnchor function| adjustIframeVerticalPosition object| google_tag_manager object| ggeac object| google_js_reporting_queue object| google_tag_data string| GoogleAnalyticsObject function| ga object| d object| e object| link function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| gaplugins object| gaGlobal object| gaData undefined| google_measure_js_timing object| Ads boolean| adsLoaded object| _ssrt_inst_cachevs.kanyetothe.com function| _set_consent string| __at_pvid string| __ssrt_use_dam object| _ssrt_inst_cache object| pbjsSortable boolean| deployads_loaded boolean| sortable_consent_loaded function| __tcfapi function| pbjsSortableChunk object| _pbjsGlobals function| __tcfapiui function| __uspapi object| apstag object| mnet object| _clrm boolean| apstagLOADED object| webVitals object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests

47 Cookies

Domain/Path Name / Value
.kanyetothe.com/ Name: __cf_bm
Value: sdFiel_V0ykHcVfKuAZGIJIe5.c.7yiZq3l.D.Suhpk-1637307905-0-AdK41P/yJQxhvv+1GcTQM80JBVQTQ2JAa8Gq5nGAVyrTax/OHv+rslWRW8uMEHGKdzvwrSr3ns4rEXpmhe66b/YSO8KJm6/bn+zPYieNMgmI
www.kanyetothe.com/ Name: xf_csrf
Value: aQJbJEn0XWD6Lb2v
www.kanyetothe.com/ Name: lux_uid
Value: 163730790630173811
.scorecardresearch.com/ Name: UID
Value: 1L0ZKN77KF5A5W2I7YLCSSg1637307907
.www.kanyetothe.com/ Name: __cf_bm
Value: 4dHQ64UhYVyIcAvErmtWK23zNnDa8Wc8dAUPGcSQg9A-1637307906-0-AVQcaeM6Z8xUx5eoR3E/bW5OqLkDMMpKKThRXCM0l7Fb7kMFdrrRbtnZlr3Iayz5a/xUOHxEVYO9MQ4Z5vABjwOFli8VHpqgr42bAX+WTT5B
.kanyetothe.com/ Name: _ga
Value: GA1.2.133400659.1637307907
.kanyetothe.com/ Name: _gid
Value: GA1.2.667593450.1637307907
.kanyetothe.com/ Name: _gat_UA-45305421-4
Value: 1
.google.com/ Name: NID
Value: 511=c-Msbu9ZiXxuUDAWLyx0byUqBb7fgtjjkFA5ZEfj7SJPxLwcnEd7cJRCPnJoq8J0DAeTQoyYDebihuOJQCixBaNANJupfuXF6bDw_D-MdYSfZxtWOGIjAgixkJYcg8rt7QBcjx3jHEfY629vt9DQ63drrajMFHthZ3vu1TXqbA4
www.kanyetothe.com/ Name: vsOptOutGdpr
Value: true
.rubiconproject.com/ Name: rsid
Value: 1|AIfsdBUO++vuGxiryvY4NyLqsLINffPD0ndRTZPwOWBzr4eVPwTuL9+dZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdUyQJYykllPZjhEHJw9y7GDs9f
.rubiconproject.com/ Name: khaos
Value: KW62UQSC-10-I96B
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrbG3L8zMUEzQlE2IyiwyordnwCfVF8zn5qjK1sECNPH/Z/7L1l/WnPQuCDLc1RvZigwnY+AnVaGuCAnekPgJibNEk9cK5ohpPc6UO785F0Pw==
.doubleclick.net/ Name: IDE
Value: AHWqTUmNJHM2doHuV0EDJnwM1qIb4L99-2tHgyxtHZKK2m2Gh2LJvThhnIKicmdAnrU
.kanyetothe.com/ Name: __gads
Value: ID=03ea7eeb16976861:T=1637307907:S=ALNI_MYuswum7uasgdSsFSVtFAgEU7cYhg
.casalemedia.com/ Name: CMPS
Value: 5207
.casalemedia.com/ Name: CMID
Value: YZdWBMrEyBjh8kfibjN54gAA
.casalemedia.com/ Name: CMPRO
Value: 1108
.casalemedia.com/ Name: CMST
Value: YZdWBGGXVgQA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2HaME*SFv!@wnfH8K6pQK`!5=E<*L5?%K/.yYgl6Wq>@0-u#p6EetHcgW'vC*ghVm(aLaP(hw9P-HC_#tt_a)qf6V
.casalemedia.com/ Name: CMRUM3
Value: 2d619756042760CAESED4IfBbkWza2v9-gSf7CnP0
.adnxs.com/ Name: uuid2
Value: 7728979438575188648
.krxd.net/ Name: _kuid_
Value: OfZ7Jy80
.lijit.com/ Name: ljt_reader
Value: 04b35164e58183240d250ae9
.openx.net/ Name: i
Value: 33a2c5d9-f5fc-46a9-b65d-f299234dc55f|1637307909
.adfarm1.adition.com/ Name: UserID1
Value: 7032183922642516109
.blismedia.com/ Name: b
Value: 61975605164E0414D3CB8FDCBLIS
.3lift.com/ Name: tluid
Value: 14294479088152804774
.ctnsnet.com/ Name: cid
Value: b7d429dc172d4b07bddd8771241a4207
.simpli.fi/ Name: suid
Value: 7F6721DAC22A43E694B71FBC2E8AA916
.quantserve.com/ Name: d
Value: EF0BCQHhJIEA
.quantserve.com/ Name: mc
Value: 61975605-61dfd-32061-dc3e3
.mathtag.com/ Name: uuid
Value: 5dfd6197-5605-4700-b8b2-bcadb2fafa8d
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-97d62b28-8c76-4c40-8100-f1b2c3a7167b-003%22%7D
.doubleclick.net/ Name: DSID
Value: NO_DATA
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-97d62b28-8c76-4c40-8100-f1b2c3a7167b-003%22%7D
.tribalfusion.com/ Name: ANON_ID
Value: awnseFyOZbSEoJTyBqKuJSEd3MxmFToZa4pFuqa2aVcQwYbnSQf00VDaK5wt6l7DWrfM4R3uUwQuQoM5coM8lN
.c.appier.net/ Name: _auid
Value: i_eC4e9FCxqTtJQ8BlaXYQ
.c.appier.net/ Name: _gu
Value: CAESEHiL1ogZyqGlIxt2fS0v5JU
www.lead-alliance.net/ Name: PHPSESSID
Value: oag8s8msua1bvgidgu3urq0qe7
.lead-alliance.net/ Name: ppv1225
Value: 2021111908451058891470629X117667V1225131106MSviewoneid3P4tpf4fmGErt7HqtXHEt994aPSztZfdoneid__dbmvidnat_Pros_Samsung_A52
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTE5MDAwMDAwMDA2MTYzNzMwNzkxMHZsZWExZGUyMDIxMTExOTA4NDUxMDU4ODkxNDcwNjI5WDExNzY2N1YxMjI1MTMxMTA2TVN2aWV3b25laWQzUDR0cGY0Zm1HRXJ0N0hxdFhIRXQ5OTRhUFN6dFpmZG9uZWlkX19kYm12aWRuYXRfUHJvc19TYW1zdW5nX0E1MjExNzY2Nw
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117667_-HTLP&utm_term=AFF_la_117667_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021111908451058891470629X117667V1225131106MSviewoneid3P4tpf4fmGErt7HqtXHEt994aPSztZfdoneid__dbmvidnat_Pros_Samsung_A52&wfid=117667
.ads.pubmatic.com/ Name: KCCH
Value: YES
.mathtag.com/ Name: mt_mop
Value: 9:1637307911
.yahoo.com/ Name: A3
Value: d=AQABBAVWl2ECELSajiQHD3IfEBM8Nz2eryQFEgEBAQGnmGGhYQAAAAAA_SMAAA&S=AQAAAnL5jR2P8nDfI_i2Ou0zeHU

4 Console Messages

Source Level URL
Text
javascript warning URL: https://www.kanyetothe.com/(Line 15)
Message:
The PerformanceObserver does not support buffered flag with the entryTypes argument.
other warning URL: https://www.gstatic.com/admanager/outstream/web_video.js(Line 387)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://ad.zanox.com/tpv/?45534115C1609939955T&zpar0=dbmna_vid_audtsh_b_pv
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: https://id.rlcdn.com/709414.gif?gdpr=1
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
a.tribalfusion.com
accounts.google.com
ad.zanox.com
ade.googlesyndication.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ap.lijit.com
as.ad4m.at
b094286b71767f8d8fa18d38bcc0da07.safeframe.googlesyndication.com
beacon.krxd.net
bid.g.doubleclick.net
c.amazon-adsystem.com
c.deployads.com
cdn.mookie1.com
cdn.speedcurve.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
csi.gstatic.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.deployads.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fw.adsafeprotected.com
gcdn.2mdn.net
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs-simple.com
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
images.platforum.cloud
js-sec.indexww.com
kanyetothe.com
match.adsrvr.org
p.skimresources.com
pagead2.googlesyndication.com
partner.blau.de
pixel-sync.sitescout.com
pixel.rubiconproject.com
portal.blau.de
pr-bh.ybp.yahoo.com
prebid.media.net
quantcast.mgr.consensu.org
r.skimresources.com
r3---sn-4g5lznez.c.2mdn.net
rtb.openx.net
s.skimresources.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssp.adriver.ru
static.adsafeprotected.com
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
t.skimresources.com
tags-cdn.deployads.com
test.quantcast.mgr.consensu.org
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
unpkg.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.kanyetothe.com
www.lead-alliance.net
www.telefonica-partner.de
104.16.69.82
104.244.36.20
104.254.148.133
108.128.79.28
13.248.245.213
142.250.185.130
142.250.185.98
142.250.186.98
143.204.95.188
143.204.98.125
143.204.98.70
151.101.194.217
151.139.128.11
169.50.137.182
172.105.199.172
172.217.18.98
178.162.133.149
184.30.24.22
185.29.134.248
185.33.220.240
185.64.189.112
195.216.249.67
198.47.127.19
213.19.147.45
23.218.208.200
23.218.208.246
23.37.38.181
23.37.40.118
23.37.42.132
2600:9000:2156:2a00:9:46dc:4700:93a1
2600:9000:2156:c200:8:48e:53c0:93a1
2600:9000:2156:dc00:3:a4cd:8380:93a1
2602:803:c003:200::21
2606:4700:20::681a:bd1
2606:4700::6810:7eaf
2606:4700::6812:a02
2606:4700::6812:c05
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:80:800::7001
2a00:1450:4001:11::8
2a00:1450:4001:801::2006
2a00:1450:4001:801::200d
2a00:1450:4001:802::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2004
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:400e:80d::2003
2a05:d018:d29:3605:6590:6a:1c2:7426
34.107.148.139
34.247.228.32
34.96.105.8
35.186.193.173
35.190.59.101
35.190.91.160
35.201.67.47
35.227.252.103
35.244.174.68
35.71.131.137
46.4.41.145
52.211.196.50
54.76.254.33
64.233.166.154
66.155.71.150
69.173.144.138
72.251.249.9
81.222.128.216
82.113.101.236
84.200.5.215
85.114.159.93
01df2df3715d6d8087abea2a4285154ff55020c1b836a60d21b378b03c7000c9
0240de66a7b445f61b5a32e74c7d1dff431ac48b1b218ba454275b8f22046368
029bc9bf7ebbdfad227b8befebb0958bbbbd746ddbaf607ae90193b95712945f
04eef0864066cd99e53c320b4043c2aa1300fa77b1c202d5d5c8d46e7de4a70a
059eecfaad94a32206bf7457c93aca281aa854772fdc62eafebb733acdf6f8ab
05eedcadbc036fafa32486ac0874cb1c46c236478b22fddc061a3db6860caa45
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
079859f8d3a75b54c3a8b3b9bcb26c545ff7f60f75b3e63547afa42a47488cf6
08c1ecb42fb01fd19cab3bced6c29c897aba0fc32bf423d6bb7745b767bcaa85
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
0a8556f986f67dd1f06456e0bedcf9b5cb298b5989f157d42196fc6fc36ee6e8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb970334d2fa7175c6064a97c407d5284aedaac1cbf43757e19c18154cb36ac
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c28ba7c70ba4129e5fd4ce1030b71b923765c283b358e3647ba56968d09b7bd
0eda8c9bbf6ebce02fc7d0cb8573ff21a050dbb94fb4e39ec685596e834d5621
0f4251340b7fbb1c6e4697c107ea643180eeb1c799728b87d579c4d23e4c2de7
0fb563d99f1c1e7fe0ab9dd784ad104d6f44076c095323c16b3f49cff63a6af3
0fe1bc8affa1b1a1c435e3d8bda11480182cfebae9436b33693e0e7d10001c5f
10f2609fb8414f691940e125e0644deeeb7a15dbcb8a89e756865938330f31ff
113278609b46bb7d4d5b51f13a300074ac6083526d5e3178161f57c780ccd457
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
127bbb15ecf61caf6cd74121988316081091260c97da567969f7f50e034d4375
16079a699fcf0f31bf787151c6b453508a47192bb5631f1d666b63b3628dd8a1
164f11af66705aac8d65b627683abea0be000388c7d396ea9c69dffd976c7f4b
1778f6c6f3c9657a16e4ef6d8dcd1cb770b786593c6e3a4428809e46d0e19d3d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a7bb71a9a644dd97cca807b2d21ebdb388030155615eb9f04d20b59ad589ead
1bb21d457aa1a8fc0b295c99c4318f14764a2e2e599939215c743b4e316efa1d
1c2607a9bfc7164c68a6cc33e1a07e12b4c25886bf0ce92896f27ca8d531b81f
1cdf3fa638c54700b4aa42b6614d45dcef03cdc313f81649e0ae07ef98fda7a0
1efcf21f2fbc4427dd639b8f0b4521c69e68ac8429bd30a0af30f75f3ffbfa87
1fd5f470f52f8cebc05a2c7158bcbff9ef2c334b657c45767b65ed2bbbf572f5
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
237f9cd58dc7a9ca94941e61330960c620e6b39577fcb5043706aa24fd4108dc
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
299486b774aba5f7d2d4d1044f6c531a92d4d97f0c1e5c5c8088a6957095efcd
29b2ebfd1ee5894de2fe7c188cfb132e4c2d1937ebb460c7b54a2b8c14996905
2d3d21f5633abb2b89bbe44244e7ac3fa23aa26f37c58dda7f460bd26d2a82bc
2de7d20fa6e3e31cb063e278d7e5505b7ca77f75c985e5da59c939ca61bf740a
2ff9620e44b6cf2332aa7916280f95df07774b5cde88c8a9717f94caa897b26a
305f2d7bbc029e70b3576e0b671c815a4c36b5e2eb56c3a95b3f2a89308213b6
3448be10d7cc7a88d7d4bd5f2ab54af047a6230d0854215fec1e9bcdb162b841
346b9507de02d8a47b7f0851470e72fbe1653fa7cb932b613255a7c0ea0db94b
35429af42b2abf4801fef47f4804b95af072e8704837c1637477096550c47d81
358657e2af5ce8c78aaa8b49611acfa2185df2e01d1d8cdc875419840738a679
35b144c01dcc6eb3e7ebe739e407cf0ce0f4f2809911fff004a146e2e441a838
3645cc7cf729a22877ff158372b25c017efca47a5fc31921363d1b01ff00313b
3674edd301b537f3af5f076a2f3ed9d6db024df26d51e785b16edb497197aaf0
368b2fe237b67caf364385af66e048a1784cb07fa6e5612bd926d4e3321e1c94
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
370d737d51b7ddd77f92d29484e55550eabecfa41e801a55f25947ff6f6b56a6
37c58419b5ca1e7f0a9e93cb93ac360cd7315904300ee825318659719a1f588d
38e2b156afbfad278e452726d8a76658fe45dceb392b24f13d35d43e7d5b61d5
3bbbe53af902aa5961a449200a09790e89b64560fd2a4d89f2d6c80f76076d16
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
400e7a9f32b9d47c90e67bdab6d07c576845afd6a5f9bce0bfb8580350b7118d
4115d6a06c86ad61f3c407b8d61664a47dd8c0d5de076f0da1e0270c3efac8eb
41935792dc6ffe9c2016f7474829401259b79dc2f991aebe3cd8de6139187ef9
43af4bed3fa8296d93aa04a12962cb67e953165ca2ea93ecc73586b6f8c7c031
44ca8b8cf02aa2cd9e272540e25d484e7a98e89c1e78db7f9df27a8fef8acc85
4569b815ae030a8ab83a429543cb41cdb4151f55ca4f9bb38eafa1d06c407e6c
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff
4a64a692e546b1e98b30c887c6c44c9e7167bdd6231d4dd7dd21ccd6c8d6b963
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
4eac1e53dabcb67b550350dbf0717ddcdea2c38295e5093e427f4e9842c02cc1
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
500656056a5b7cc10977756a3267000aca5bd02c33e1cdc98723be35a8aeb016
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5082a4d95b5c30486402d98508fb00d52ee5b6cf013e5f23695c32c2135522a2
547eeb26f77d91eddcb169ea10ebfe19ff547c725c7c3af055914f2ecdb61a35
5480a574ad434103747cce480c50a3d98afa99504cbc039dec615855d2c35fd2
57135155850347263414491e47458e89263391c100945db0882f9cbd32916a50
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
583bfdcb7f7c4e39a1881fe876211de21684863c3b9b1952bee5e4d62a4c54fd
58a1a71ffdf9d60b92e096017fd407d193e2cd62f7711e7c064d8e228419fd11
5b70a52d159d5b5ae8cd55c2e89b3b1856cd7a0810292bc264c0cef2ec8da1b8
5e5f730223c1796d4f60ec39aa9cfd7ffcc5b069be8da5991ac8b14d6ef47610
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
63218477707b25395a19bf6b905ef27eed13e322e1009208eeda6d96fc98831e
632eff7d4589ccfa8b28a6c50da1cca3f594eebbab772575fd71ed67ddc635eb
646776e6c890ee749bac904692fc50613d2982c18339947f10a74fdad4a6cf3b
6557e951d16294bdd96f0bef6e24d1b2427da90d76c22f7af236688a43c47ca1
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
65ac0a146b18624b9856c1fa22d640007b4a456c2f7e87adfe143b1cf9fc9f37
68909bbc9daacba9218ab44ec0737af803d0f6b32362c1c390bd067c080b4318
6a964302d506752bddfd215bf00300674bf0ae84a83ff4e8da5ce22f67206078
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6faf50f0b959b83261d07aab9ada816c58a05177dd2f4c49fec41c6cdae8d41e
72849cabc242f7f7c41b430bf7a1ca53f81252b960c87365960b6808d54568ac
735896fb65aadc7751e4ce6bcd629f399f4f974cc9e36bab715e2a4536238609
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
753a1f7f77ef476dc665babe49110057d2c91edd57b7153c0a1ee4ae80e48477
7692140e621c79437fef1a789a47757de871531bbb1941e1fae16b863da2b3cb
78ef5d4ce170840ea542462ddb7a1dbbbda7347a54c417d731f360bc66291f9c
79559d79fddfa4b696eb08f50b078dd3bb9885165167ec36b9981a6aa30590cf
79aa0b133cf46cc364d4d17cce45c5fd79d7dce0fa7cb69ae52b58f60a421911
7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b
7bfc262afb772b24cdfe4566439ee4a3decd7c0c7339911e5e0c1072689ce2e7
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f0b0d90497c4044aba405c257367cbcc76a706af25929b5f00e88faf593278b
82b0f43d1a0f7e197b7cad88a2a413b1723f4a797f37287eb8054148caaa400e
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83690327745199f8f1e06235efd1cc8b335d6cfa06524b6b9ef47568b36837e7
836e1e1130b7445ddde61362d198c0954f0ef98638d326bf70057070c8700427
899f228abbb3b07f17a80141b8494498b6565a037b41df371ad8c1150e78d5ef
89b4504db66c70d6c78955ea0349b45db7b13791b0cb240cd0365cb21851e3d1
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8ae4506885a44439edcd8f294fba591293f1d8b35fb5098f5689f27340a6d701
8b0f1ea57afa2f350afa3a3bc389f131d43a8568197061929233bac41aadaca0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e78481ee4aeb94701d333adab4048228b18dff21d1b789a089728bc66ba556f
8ee7732c64d91bff16acbe1f889e1bc3c81a9ef3c9f2d5d6cdcfa2be7b1f2cc5
8f234bf4323fabaa02d627f4a633652ea5bc6d5323fd528b7c12ef3b6f57b6b9
8fe25a0c734bc5c9599b8bcd62c1018a66d8699678d0f7858f1fbb2b01bec082
915a80e949c160f477cf0180e73866a566fb5321d28c337aeb3ca8f87bb2dabd
91f0f7c572c50c1d67bfe7df208fdeac695c9c7bafd20d876fc3352c16ccab42
9425a3d0a5e84066981c2a8515c8a233cddeae94b2cc6462fd66a1d72a6acfe8
99fd6da0917428dbc23ef4b80e714d3f467c06999c2ec456267da49275bf6f9d
9a73a99fc19939f6cbcb8bb0ec7a641a515ceebc2ce80de20185b1976409ffaa
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c6c5e3270c6d3c4f69307209aa20a2b0e13834bca01d21657775babfe5f9ee0
9d753fc5b35714816c5e961936dee68540e12127ff84462569639e59a2ca2ad0
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9eb3bb24e4a85256db7624956cf43c0c9f190d143f093882c4cdafb5828333f8
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0f45a49d27117af1323c98b6f17499f08f49e5e60db826db929e583f2e8e65f
a122d26ed01c1c19d11fc6b2568c2f57c6a55d97fad424949fa6ae38e8b024d4
a1729059e99f251d3ddca6621cd10dc5f5d5caca42ff08ade757c0dc2ae62776
a17e50a5f6fa130fadf1adf5cf538f131e679eeb8d00cf9025756b48faf94e99
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2a5ee861141788f09d0bc2bae50da4e95b50cb1f254fe35389fa27402ce8dc3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a83c1eb6ad10c18c6c9425c21fe96d1d9eb7bd860b13b081129f4500626276b6
aaf1611cfd23cc84e79ed595ed25ae334148a348a618cdc4c0caaeef225a389c
ad8d29ad3f919472a8071eca65a4f30cb629b4bab9a5c2ad23f414f03b3f1bf5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18c42ffdcad46b3a629de1d3180e62059d0a448b9cff921f3b7ae51f36f4efb
b2c59f90ff4d8c01067bc884a2844afd20624e56eed0878bde979e3124211543
b2f638c6424109f9be791aa06b37e83395aa8120175531d2138e59f16e768ab0
b6732ef598323e03a0c430d90f45d0a63934d22b3fa51f6bddfb6955ce651162
b96dc95f363ef34b8ed6582fa46d48b08a0d06df5477888a23f09eb9e8fa4758
bb8be4c08d8e3b75d889991571be947e23d0ca9eed7c8df0c662357a8cee1714
bbcd7af53169dd62d731982b9cd8acc2913330610ccf733662846e88e155b2fb
bdfc1e62eabcbf9c50eacdbc4e5ba39150e7bce34d342071651234ef46a354ea
be5913c6e9820dae39a9bdadbd7bfd525f076299fe92ac078cc668abc56d9550
bf34f8924fc487173a26413f30c0214e163be16694a3d4f0725fe5ec4f4562a7
c4ffcb380b93be8587df1adff939042b89c5b2f0329458df5f2f2a8c07123297
c54fdc273be1316f32fdf1e251e1b1b07931f667318ad3c8eeb562c352c7a148
c5bb52cec291e05e9e856379640dab19b23fd6c8f7ed054b2315a2feef7d232e
c76474a292efe51a34699fdca25642c92a4b62c53bcee2297c479e190747e937
c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b
ca7c81d8dd33c3cda776c3767bf1ef4254bdc97829b8cc788b474b3822b1584d
cb5a7d0fb41f6032f441a792ec289d11f738db3207639769e8467d0b9b9ae012
cd9e236fae5de17b46ffae2bb0c19548862243baeab16aa2841c890473756cdd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d46b4ce496fa7cbe05d43445a9b3a1f59c76965250f703d1637b62813615bdad
d60e7952fefe8ea9b2039e08d95ea43d656b6fe92742556c2e8023303cf251fd
d64797d31b789d1736c66c6241c30f721ffaa325b0e1af5d29574aad0f9a8906
d7bb934e518c87d758dd90505d1ed7c16de4f044fcd666156cde2050c10802c3
d8cf88fb98b3296aa84364849b4aea1fac2453eff4df7cfb84c26efaf9016b24
db7937da9ef8d33c9a315a34aa66b11a8d783339b2a50ac5fe7af63a357c854c
dbd33c611aaa5267e5eb547ab99565df43a4f04fe1ca131d2806af47509008bb
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd04f4d530ec4b2a29a279e286e19ce39595ed78ef58c11c91344ad057d03650
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
df1d2cf5425c844da8ec2a4eb0bff3bb9a2a6c17279222611d5295559599bdac
df2222410eed9b89846d18efa74cf3f6faacca942e7210d1b034af823470a9a1
df3a8f01160163a5872b52eff1f7e59e905d5b11ed426ad4d043eb55bbcb45e7
e0ffc7e0879534a888c576c63b2da7f3745852906dd9b2b3947675fcf2c33a44
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e50e56cd4575464a5ec96bfd872ac475479aeaef8f2278116799e4f00a983af9
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e64001af2e54cb9056f143e4f42eecccbaead157a5382ef9ada9f802571e1cc8
e718052c8754c80a0167f55bd3ff84a9dd4aaf363d23b1f17a7218f003bf2409
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e88560bf08e11120d7c003044d4bea8eb151f2789a101693aac8241acc0b80ef
e8b03e5a5fb935065ac62f39e7135508acd4d5497cef2800514734bfa542f21f
e99b7314d99489492e01db55e20377f857f7979c970ba8ae5651ea86e173f1b8
ee691d6c4f672292e495cd965cec9fa5eb6abdc0a841d79c2629a4a297b64908
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17be429d6d893cc308afc2a2ce4f9e4e9cff877cad4dcee6d01a26c8716f77e
f212a5e3352291f258178ecc15e076811104b3a6dab6fb99737e5b6b1492cc1f
f481ebf25806a1c681c2d4029eb083009b77d9abae859d7e5cbe56b1d2c641ce
f4b6a53bab3a884773b8f17518cf726fbfc8f4caf4d7870f519921bf76bc9728
f6b615f9673ad5acda73617d617511c3f573dc0d655dc9c488f44bacd594b4ce
f8321eff2e39cf5a76b3388cede8a72e913471f3dcaf7f9aa5644cc4d91316b6
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fd4291255a512855bbfcde26ded1411a799dfe6471de922bdb122ccf598fb177
fd49ea706e142f20fa2a651078111586b78378b51e065df592faee081e8d1c92
fd593969bd918c47be019a17a90002d89e8214ffeafeb671e92313f80e1beaa3
feec8e9e8adfcddf8be0cb7bc79268e0c6961c8e9de49b25ce1f802f74f0687e